![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 96%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 10%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
This behaviour indicates that Microsoft Entra ID has placed a security restriction on your tenant due to automated abuse detection signals. The message suspicious behaviour is generated by Microsoft internal risk engines and is not based purely on visible audit log activity.
Tenant invitation blocking typically occurs when one or more of the following patterns are detected:
• High volume of external invitations in a short period
• Repeated failed invitation attempts
• Invitations to disposable or high risk domains
• Suspicious sign in activity linked to inviter accounts
• Newly created tenant exhibiting automation behaviour
The number of users in the tenant is not a determining factor. Even a tenant with fewer than one hundred users can be restricted if risk signals are triggered.
Important clarification
This restriction cannot be removed from the Azure portal. There is no administrative toggle to unblock invitations once the tenant has been flagged.
Recommended validation steps
Step 1 Check whether Azure AD B2B collaboration is correctly configured.
Navigate to:
Microsoft Entra admin centre External Identities External collaboration settings
Ensure that guest invitations are allowed for your user role.
Step 2 Review Microsoft Entra audit logs.
Go to:
Microsoft Entra admin centre Monitoring Audit logs
Filter for Activity category Invitation. Confirm whether failures show additional error codes beyond suspicious behaviour.
Step 3 Check Microsoft Entra sign in logs for the accounts sending invitations. Look for risk detections or identity protection alerts.
Resolution path
If the restriction persists and no configuration issue is identified, you must open a Microsoft support request. This is the only supported method to lift an automated tenant level invitation block.
When opening the case:
Select Microsoft Entra ID Choose B2B or External Identities Describe that tenant invitations are blocked due to suspicious behaviour
Microsoft support will review internal telemetry and determine whether the restriction can be removed. In most cases, once manual review confirms legitimate usage, the block is lifted.
Preventive recommendations after unblock
• Avoid bulk invitation scripts without throttling
• Ensure inviter accounts use strong authentication with MFA
• Limit invitation rights to specific roles
• Avoid inviting large batches of external users from high risk domains
Summary
This is not a configuration issue in your tenant. It is a security based enforcement triggered by Microsoft automated protection systems. The only remediation is a formal support request for tenant review and unblock.
If you can share whether invitations were automated or performed manually, further preventative guidance can be provided.