B2B guest sign-in blocked with error 530035 — "Invitations blocked due to suspicious activity" on tenant waltercole1997gmail789

Dylan Levsey 0 Reputation points
2026-04-01T15:52:41.32+00:00

Service: Microsoft Entra ID (Azure Active Directory)

Problem type: Sign-in and Multi-Factor Authentication → User cannot sign in to application

Summary

Issue: B2B guest accounts from a specific domain are blocked with error 530035.

Reported message:

"Invitations blocked due to suspicious activity"

Tenant and Application Details

  • Tenant: PII
  • Tenant ID: PII
  • App: PII
  • Correlation ID from failed sign-in: PII

What Works

  • Tenant owner account signs in normally
  • Gmail-based B2B guest accounts sign in normally

What Fails

  • B2B guest accounts from transferonline.com get error 530035:

"Your sign-in was successful but you don't have permission to access this resource"

  • Graph API calls to /v1.0/invitations return:

"Invitations are blocked for this directory due to suspicious activity. Please contact Microsoft support for help."

What We've Verified

  • External collaboration settings allow invitations to any domain (no domain restrictions)
  • appRoleAssignmentRequired is false on the app service principal
  • The guest accounts exist in the directory and are enabled
  • The guest accounts have been explicitly assigned app roles on the SWA service principal
  • groupMembershipClaims is set to SecurityGroup
  • The affected users are members of the correct Entra security groups

Request

Please lift the "suspicious activity" block on this tenant's invitation capability, or advise why only one domain's guests are affected while another domain works fine.

This is a resubmission per moderator guidance on Microsoft Q&A. The original question was posted by Dylan Levsey on March 30, 2026, and the moderator (Rukmini) requested it be filed from the affected tenant account.

(Also, I accidentally submitted another ticket as the tenant, ******@gmail.com. I meant to submit as ******@gmail.com)
