![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 49%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETS%3C/text%3E%3C/svg%3E)
Microsoft 365 and Office | Development | Microsoft 365 Developer Program
A free program from Microsoft that provides developers with the tools, resources, and sandbox environments needed to build solutions for Microsoft 365.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 15%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Because the only global administrator on the tenant is locked out by MFA and there are no alternative methods configured, the only supported path is recovery through Microsoft support and the Data Protection/Tenant Recovery process.
Follow these steps:
- Use the Developer Program account to confirm tenant details
- Sign in to the Microsoft 365 Developer Program dashboard with the Developer Program account (the Outlook.com address).
- Confirm the linked developer subscription and tenant information so it can be provided to support as proof of association.
- Contact Microsoft support and request Data Protection/Tenant Recovery
- Call the appropriate Microsoft customer service number for the region using the numbers listed at Customer service phone numbers - Microsoft Support.
- When prompted by the IVR/agent, clearly state:
- This is a business/Office 365/Microsoft 365 for business tenant.
- The tenant domain (7hqx6j.onmicrosoft.com).
- The locked-out admin UPN.
- That this is a tenant lockout with a single global admin who has lost access to Microsoft Authenticator and has no alternative MFA methods.
- That an MFA reset is required for the global admin.
- Ask specifically to create a service request with the Microsoft 365 Data Protection team (or Tenant Recovery team) to reset MFA for the global admin.
- Be prepared for identity and tenant ownership verification
- Support may require:
- Verification that the caller is associated with the tenant (for example, via the Developer Program account and tenant linkage).
- Business or personal identification and any available tenant-related information.
- Follow the instructions from the Data Protection team; they are the only group authorized to reset MFA when no other admin is available.
- Support may require:
- After MFA reset
- Once support confirms that MFA has been reset or cleared for the admin account, sign in again with the admin UPN and password.
- Complete MFA re-registration when prompted and configure at least one backup method (for example, SMS, alternate authenticator, or other supported methods) to avoid future lockouts.
If phone contact is difficult, an alternative sometimes used in similar scenarios is to create a temporary Microsoft 365 trial tenant, sign in as its admin, and open a support ticket from that admin center requesting Data Protection assistance for the original tenant. However, the primary and recommended method is direct phone contact with Microsoft support and escalation to the Data Protection team.
References:
- Microsoft 365 Developer Program FAQ
- Welcome to the Microsoft 365 Developer Program
- Troubleshoot sign-in issues and account access problems
- Tenant Lockout: Scenarios & Next Steps
- Requesting a Tenant Admin MFA Reset - Microsoft Q&A
- Global Admin Locked out - Microsoft Q&A
- Severity A Situation - Locked out of global admin account (MFA) - business down - Microsoft Q&A
- Microsoft authenticator sending me into a spiral - Microsoft Q&A
- Microsoft Authenticator app doesn't show 6-digit OTP code - Microsoft Q&A
- Tenant inaccessible due to inactivity
- Tenant access recovery