Lost access to Azure tenant

Ewan Davies 20 Reputation points
2025-02-01T19:13:09.73+00:00

I set up an Azure tenant, and I've somehow locked myself out of it, and when I now try to sign in it says I don't have access and need to be added as an external user - but I'm trying to log in as the user that owns the tenant? This is the error message:

"interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Default Directory' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6'(ADIbizaUX) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: 14477392-d0ed-4778-a8d2-8b3c0ae80a00 Correlation ID: 35a3cd20-28aa-4465-8481-b08e1ac24bc2 Timestamp: 2025-02-01 18:19:21Z",

The resources that I have set up on the tenant are still running, I just can't access the portal any more. I'm quite new to this so I've probably left out some important details, but hopefully it's enough.

I have also tried raising a support request, however it doesn't seem to work because of the access issue. I'm the only account on the tenant, so I'm a bit stumped as to how I can get access again.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,163 questions
0 comments No comments
{count} votes

Accepted answer
  1. Sandeep G-MSFT 20,701 Reputation points Microsoft Employee
    2025-02-03T02:09:02.9666667+00:00

    @Ewan Davies

    Thank you for posting this in Microsoft Q&A.

    As I understand you are unable to login to Azure portal and you are getting "AADSTS16000" error which is saying your account could not be found in the tenant.

    Since you mentioned that you have set up your account recently, there are possibilities that you are trying to login to different tenant.

    Try logging in to below URL,

    https://portal.azure.com/<domain.onmicrosoft.com>

    Replace "domain.onmicrosoft.com" in above URL with the actual tenant. Enter you account credentials and confirm if this solution works.

    If this is not solving the issue, then you will have to contact Microsoft support team to get your global admin account unblocked,

    If you are the only global admin on the account and are blocked entirely, you can reach out to our support team. You can look into below article to get support numbers depending on your country.

    https://support.microsoft.com/en-us/topic/global-customer-service-phone-numbers-c0389ade-5640-e588-8b0e-28de8afeb3f2

    Create a ticket with Microsoft support team. Give them the tenant ID which is locked out in your description. Tell them that no admin account has access anymore and your partners also have no access anymore.

    Once you create a ticket with support team you will have to work with our data protection team. You will have to first prove your identity against your tenant for security purpose. Post that this team will help you with help you in getting access to your tenant or unlock your account depending on your scenario.

    Also, for the future, you can create an emergency access account (break glass) in Azure AD. This account will help prevent being accidentally locked out of your Azure Active Directory (Azure AD) organization because you can't sign in for any reason.

    https://docs.microsoft.com/en-us/azure/active-directory/roles/security-emergency-access

    Let me know if you have any further questions on this.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


1 additional answer

Sort by: Most helpful
  1. Marcin Policht 35,200 Reputation points MVP
    2025-02-01T19:35:45.1533333+00:00

    Follow https://learn.microsoft.com/en-us/answers/questions/1098815/ive-lost-access-to-my-azure-tenant


    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.