I cannot access Microsoft Application Network Portal

Question

I cannot access Microsoft Application Network Portal

Michael Shvets 0

Hi,

I'm trying to request app to be published at catalogue but I cannot access Microsoft Application Network Portal. I'm getting error message:

AADSTS50020: User account '**' from identity provider 'https://sts.windows.net/b286824b-7254-4d97-9dcd-****/' does not exist in tenant 'Microsoft' and cannot access the application '00000003-0000-0ff1-ce00-000000000000'(Office 365 SharePoint Online) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.

This is super confusing, 'coz I'm logged in as the same account which was used to create at app, it's my work account. Please explain.

2 answers

Your answer

Answer 1

Hello @Michael Shvets I hope you are doing well

The error message AADSTS50020 indicates that the user account you're trying to use is not recognized by the tenant. This typically happens when the account needs to be added as an external user in the tenant first. Here are the steps to resolve this issue:

Steps to Add an External User:

Sign in to the Microsoft Entra admin center:

Go to the Microsoft Entra admin center.

Navigate to Users:

  - Select **Users** from the left-hand menu.
  
     - Click **Invite external user** **1**.
     
     **Invite the External User**:
     
        - Enter the email address of the user you want to add.
        
           - Customize the invitation message if needed.
           
              - Click **Invite** to send the invitation email **2**.
              
              **Accept the Invitation**:
              
                 - The invited user will receive an email with an invitation link.
                 
                    - They need to click the link and follow the prompts to accept the invitation **2**.
                    
                    **Assign Necessary Permissions**:
                    
                       - After the user accepts the invitation, you can assign them to the appropriate groups and permissions within the tenant **3**.

Additional Considerations:

Ensure Correct Account Type: Verify that the app registration is set to allow multi-tenant or personal Microsoft accounts if needed 1.
Sign Out and Sign In Again: Sometimes, signing out and signing back in with the correct Azure AD account can resolve the issue 4.

For more detailed guidance, you can refer to the official documentation

1

.

The error message AADSTS50020 indicates that the user account you're trying to use is not recognized by the tenant. This typically happens when the account needs to be added as an external user in the tenant first. Here are the steps to resolve this issue:

Steps to Add an External User:

Sign in to the Microsoft Entra admin center:

Go to the Microsoft Entra admin center.

Navigate to Users:

  - Select Users from the left-hand menu.
  
     - Click Invite external user **1**.
     
     Invite the External User:
     
        - Enter the email address of the user you want to add.
        
           - Customize the invitation message if needed.
           
              - Click Invite to send the invitation email **2**.
              
              Accept the Invitation:
              
                 - The invited user will receive an email with an invitation link.
                 
                    - They need to click the link and follow the prompts to accept the invitation **2**.
                    
                    Assign Necessary Permissions:
                    
                       - After the user accepts the invitation, you can assign them to the appropriate groups and permissions within the tenant **3**.

Additional Considerations:

Ensure Correct Account Type: Verify that the app registration is set to allow multi-tenant or personal Microsoft accounts if needed 1.
Sign Out and Sign In Again: Sometimes, signing out and signing back in with the correct Azure AD account can resolve the issue 4.

For more detailed guidance, you can refer to the official documentation

😊 If my answer helped you resolve your issue, please consider marking it as the correct answer. This helps others in the community find solutions more easily. Thanks!

Michael Shvets 0 Reputation points

2025-05-01T13:17:04.6933333+00:00

I'm confused. I do have my work email. I do have user who manage Azure account/subscription under that email. I made an app. So, now, to publish that app I need to invite another user using completely different email - even maybe outside of our company?
Jose Benjamin Solis Nolasco 1,836 Reputation points

2025-05-01T13:28:34.9+00:00

@Michael Shvets you can use the Microsoft Entra admin center (formerly Azure AD) to add your work account as an external (guest) user in the target tenant.

This process involves sending an invitation from that tenant to your work email and accepting it. Once added, your work account becomes recognized in that tenant, and you should be able to proceed.

Use an Account Already Part of That Tenant: If you already have another account that is a member of the tenant that controls the app catalog, try signing in with that account. Sometimes the issue is simply a matter of which account session is active.

In my experience Ultimately, the error isn’t about not having a valid work account—it’s about tenant membership. Even though you are the one who created the app, the environment you’re trying to publish into doesn’t “see” you as a member. You don’t need to invite someone entirely different from your company (unless that’s a deliberate part of your publishing strategy); you just need to resolve the tenant membership issue.

Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, __this can be beneficial to other community members

If you have any other questions or are still running into more issues, let me know in the "comments" and I would be glad to assist you.
Michael Shvets 0 Reputation points

2025-05-01T13:30:22.4066667+00:00

But according to error message target tenant is Microsoft. How do I manage users in that tenant?

Answer 2

Navya 18,840 Microsoft External Staff Moderator

Hi @Michael Shvets

I understand that you are trying to submit your application via the Microsoft Application Network Portal, but you are encountering the following error: AADSTS50020: User account '' from identity provider https://sts.windows.net/b286824b-7254-4d97-9dcd-****/ does not exist in tenant.

Currently, submitting a request to publish your application in the Microsoft Entra Application Gallery is not possible. New request submissions have been paused, and the Application Network Portal is now restricted, and only internal Microsoft users can be able to access.

User's image

You will be able to submit your request once Microsoft resumes accepting new submissions. For the latest updates, please refer to this page: What's new in Microsoft Entra Enterprise Applications documentation

Hope this helps. Do let us know if you any further queries.

If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Navya 18,840 Reputation points Microsoft External Staff Moderator

2025-05-06T11:08:34.5933333+00:00

Hi @Michael Shvets

Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Navya 18,840 Reputation points Microsoft External Staff Moderator

2025-05-07T14:14:44.6666667+00:00

Hi @Michael Shvets

If the information above has been helpful in addressing your question, please accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.

Share via

I cannot access Microsoft Application Network Portal

2 answers

Your answer