Cannot delete tenant

Question

Cannot delete tenant

FredBalster 0

User's image

All checks are green.
Still I cannot delete the tenant.
I am getting this error message.
User's image

Ofcourse I pressed the 'Help me troubleshoot' button and followed the directions.
Been to several webpages like these:
https://learn.microsoft.com/en-us/entra/identity/users/directory-delete-howto
https://techcommunity.microsoft.com/discussions/azure/unable-to-delete-tenant/4421862
https://learn.microsoft.com/en-us/answers/questions/5691188/cannot-delete-tenant-because-of-enterprise-apps-th
I follewed these up to. None of them helped.
Does anybody have another suggestion I might try?

Rukmini 42,595 Reputation points Microsoft External Staff Moderator

2026-03-10T17:40:44.8533333+00:00
Hey Fred, it looks like the portal is telling you there are still some enterprise applications (service principals) that it can’t clean up automatically—even though all your green-check items say “good to go.” In my experience the fix is to manually remove those stubborn service principals via PowerShell/Graph and then retry the deletion. Here’s how:

Install and connect with the Microsoft Graph PowerShell module
Install-Module Microsoft.Graph -Scope CurrentUser Connect-MgGraph -Scopes Application.ReadWrite.All

(Optional safety check) Confirm you’re in the right tenant
Get-MgContext Get-MgDomain # verify your .onmicrosoft.com domain

Enumerate and delete all enterprise apps (service principals)
# This gets every SP and tries to remove it Get-MgServicePrincipal -All | ForEach-Object { Remove-MgServicePrincipal -ServicePrincipalId $_.Id }

If some SPs won’t delete because of dependencies, disable then delete:
$update = @{ accountEnabled = $false } Get-MgServicePrincipal -All | ForEach-Object { Update-MgServicePrincipal -ServicePrincipalId $_.Id -BodyParameter $update Remove-MgServicePrincipal -ServicePrincipalId $_.Id }

Once that’s done, go back to the Microsoft Entra admin center → Manage tenants → Delete. It should now pass the “enterprise applications” check.

Hope that does the trick!

Reference list

• Remove undeletable enterprise apps (PowerShell)

https://learn.microsoft.com/entra/identity/users/directory-delete-howto#remove-enterprise-apps-that-you-can't-delete

• Delete a tenant in Microsoft Entra ID (general how-to)

https://learn.microsoft.com/entra/identity/users/directory-delete-howto

Note: This content was drafted with the help of an AI system. Please verify the information before relying on it for decision-making.
Rukmini 42,595 Reputation points Microsoft External Staff Moderator

2026-03-11T18:25:53.7033333+00:00

Hello FredBalster

Following up to see if the above provided information was helpful. If you have any further queries do let us know.
FredBalster 0 Reputation points

2026-03-17T13:58:16.69+00:00

Hello Rukmini,

The code you send, I already tried before and I just retried again.
Still no success, the same error.
I do not know how to get passed this error
Rukmini 42,595 Reputation points Microsoft External Staff Moderator

2026-03-17T19:01:38.6133333+00:00

Hello FredBalster

Thank you for the update will check internally and get back to you!
Rukmini 42,595 Reputation points Microsoft External Staff Moderator

2026-03-27T16:42:36.8866667+00:00

Hello FredBalster

Lets continue over private messages!
aGhozzy 0 Reputation points

2026-04-12T15:06:06.9933333+00:00

Hello, we can't delete a fresh brand new tenant due to the same Enterprise Applications error, no EAs in the portal and also powershell errors on all of them because all are Microsoft Internal apps.. we are stuck and can't delete the tenant.

1 answer

Your answer

Rukmini 42,595 Reputation points Microsoft External Staff Moderator

2026-03-10T17:40:44.8533333+00:00

Hey Fred, it looks like the portal is telling you there are still some enterprise applications (service principals) that it can’t clean up automatically—even though all your green-check items say “good to go.” In my experience the fix is to manually remove those stubborn service principals via PowerShell/Graph and then retry the deletion. Here’s how:

Install and connect with the Microsoft Graph PowerShell module
Install-Module Microsoft.Graph -Scope CurrentUser Connect-MgGraph -Scopes Application.ReadWrite.All

(Optional safety check) Confirm you’re in the right tenant
Get-MgContext Get-MgDomain # verify your .onmicrosoft.com domain

Enumerate and delete all enterprise apps (service principals)
# This gets every SP and tries to remove it Get-MgServicePrincipal -All | ForEach-Object { Remove-MgServicePrincipal -ServicePrincipalId $_.Id }

If some SPs won’t delete because of dependencies, disable then delete:
$update = @{ accountEnabled = $false } Get-MgServicePrincipal -All | ForEach-Object { Update-MgServicePrincipal -ServicePrincipalId $_.Id -BodyParameter $update Remove-MgServicePrincipal -ServicePrincipalId $_.Id }

Once that’s done, go back to the Microsoft Entra admin center → Manage tenants → Delete. It should now pass the “enterprise applications” check.

Hope that does the trick!

Reference list

• Remove undeletable enterprise apps (PowerShell)

https://learn.microsoft.com/entra/identity/users/directory-delete-howto#remove-enterprise-apps-that-you-can't-delete

• Delete a tenant in Microsoft Entra ID (general how-to)

https://learn.microsoft.com/entra/identity/users/directory-delete-howto

Note: This content was drafted with the help of an AI system. Please verify the information before relying on it for decision-making.
Rukmini 42,595 Reputation points Microsoft External Staff Moderator

2026-03-11T18:25:53.7033333+00:00

Hello FredBalster

Following up to see if the above provided information was helpful. If you have any further queries do let us know.
FredBalster 0 Reputation points

2026-03-17T13:58:16.69+00:00

Hello Rukmini,

The code you send, I already tried before and I just retried again.
Still no success, the same error.
I do not know how to get passed this error
Rukmini 42,595 Reputation points Microsoft External Staff Moderator

2026-03-17T19:01:38.6133333+00:00

Hello FredBalster

Thank you for the update will check internally and get back to you!
Rukmini 42,595 Reputation points Microsoft External Staff Moderator

2026-03-27T16:42:36.8866667+00:00

Hello FredBalster

Lets continue over private messages!
aGhozzy 0 Reputation points

2026-04-12T15:06:06.9933333+00:00

Hello, we can't delete a fresh brand new tenant due to the same Enterprise Applications error, no EAs in the portal and also powershell errors on all of them because all are Microsoft Internal apps.. we are stuck and can't delete the tenant.

Answer 1

The portal check list can show all green and still fail tenant deletion because of enterprise applications (service principals) that can’t be removed from the UI. These must be cleaned up with PowerShell before the tenant can be deleted.

Use this end‑to‑end procedure:

Install required PowerShell modules

Install-Module Microsoft.Graph
Install-Module -Name Az

Connect explicitly to the tenant that must be deleted

Use a Global Administrator that is homed in this tenant (not a guest account).

Connect-MgGraph -Scopes "Application.ReadWrite.All"
Get-MgDomain   # verify the onmicrosoft.com domain and tenant ID

Clear-AzContext -Scope CurrentUser
Connect-AzAccount -Tenant <object id of the tenant you are attempting to delete>
Get-AzContext   # confirm the same tenant ID/onmicrosoft.com domain

These checks ensure that subsequent commands run only against the tenant that is being removed.

Remove all enterprise applications (service principals)

Some service principals are not deletable from the portal but can be removed through Microsoft Graph. Run this command; execute it multiple times until it no longer finds removable objects (some deletions fail on first attempt because of dependencies):

Get-MgServicePrincipal -All | ForEach-Object {
    Remove-MgServicePrincipal -ServicePrincipalId $_.Id
}

Disable and retry removal for stubborn service principals

If any service principals still cannot be deleted, first disable them, then try deletion again:

$ServicePrincipalUpdate = @{ "accountEnabled" = "false" }

Get-MgServicePrincipal -All | ForEach-Object {
    Update-MgServicePrincipal -ServicePrincipalId $_.Id -BodyParameter $ServicePrincipalUpdate
}

Get-MgServicePrincipal -All | ForEach-Object {
    Remove-MgServicePrincipal -ServicePrincipalId $_.Id
}

Disabling them prevents them from blocking the tenant deletion even if some remain.

Delete the tenant again from the portal
Sign in to the Microsoft Entra admin center as Global Administrator.
Go to Microsoft Entra ID → Overview → Manage tenants.
Select the tenant and choose Delete.
If all checks are still green, confirm Delete.

This sequence specifically addresses the known issue mentioned in the notification: enterprise apps that cannot be deleted in the portal but can be removed or disabled using Microsoft Graph PowerShell, after which tenant deletion succeeds.

References:

Delete a tenant in Microsoft Entra ID

Share via

Cannot delete tenant

1 answer

Your answer