![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 28.000000000000004%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
The error indicates that the personal Microsoft account is trying to access a tenant where it does not exist as a user, or the wrong identity/tenant endpoint is being used.
Use these steps to resolve it:
- Confirm which identity is being used
- The message shows tenant
Microsoft Services. That is the default tenant used when signing into Azure/Entra with a personal Microsoft account (Outlook/Hotmail/OneDrive) that has no Azure tenant of its own. - In this default tenant, there is no linked directory where portal actions can be performed. This behavior is expected for personal accounts.
- The message shows tenant
- If the goal is to administer Azure/Entra (have a directory/tenant)
- A separate Azure tenant must be created and associated with the personal account.
- Follow the documented steps to create an Azure account and new tenant:
- Browse to the Azure account website and select Try Azure for free.
- Complete the sign-up flow.
- A new tenant is created and the account becomes Global Administrator in that tenant, which then allows full access to Azure/Entra resources in that tenant.
- If the goal is to access an existing app/tenant as a guest
- The error text explicitly states that the account must be added as an external user first.
- Ask the administrator of the target tenant (the one hosting the application with ID
c44b4083-3bb0-49c1-b47d-974e53cbdf3c) to:- Invite the personal account as a guest user to that tenant, following the standard guest invitation process.
- After the invitation is accepted, sign out of all sessions and sign back in, then access the application again.
- If sign-in loops or wrong account keeps appearing
- Completely sign out of all Microsoft identities and clear cached sessions:
- Close all browser windows.
- Open a private/incognito window.
- Go to the sign-out URL for Microsoft cloud services (as documented) to ensure all sessions are cleared.
- Sign in again with the intended personal account.
- Completely sign out of all Microsoft identities and clear cached sessions:
If, after these steps, the same message still appears when accessing a specific organization’s resource, the administrator of that organization must either add the account as a guest or provide the correct sign-in URL/tenant for that resource.
References: