![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 25%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJI%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 10%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
The error interaction_required: AADSTS5000225: This tenant has been blocked due to inactivity indicates the Azure AD tenant behind the Azure account has been blocked due to being inactive for an extended period.
Key points and actions:
- Understand the inactivity block and deletion window
- When a tenant is inactive beyond Microsoft’s inactivity threshold, sign-in is blocked with
AADSTS5000225. - Administrators can request reactivation only within 20 days of the tenant entering the inactive (blocked) state.
- If the tenant remains in this state for more than 20 days, it is permanently deleted and cannot be recovered.
- When a tenant is inactive beyond Microsoft’s inactivity threshold, sign-in is blocked with
- Try direct tenant sign-in to Azure portal
If the tenant might still be within the 20‑day window, attempt to sign in directly against the tenant:- Use the Azure portal URL with your Tenant ID:
https://portal.azure.com/<TenantId> - Or use the tenant name:
https://portal.azure.com/<yourTenantName>.onmicrosoft.com
If sign-in succeeds, use the portal to open a support request (if the subscription/support level allows it) and request tenant reactivation.
- Use the Azure portal URL with your Tenant ID:
- If normal portal sign-in is blocked
- Try signing in via Microsoft Entra admin center:
https://entra.microsoft.com/and then:- Go to Entra ID → Overview → Manage tenants.
- From there, confirm the tenant status.
- If the tenant is blocked but still within the 20‑day reactivation window, the tenant administrator must contact Microsoft support using the global support phone numbers listed under “Tenant inaccessible due to inactivity” (see reference).
- Do not open multiple assistance requests; wait for the response on the first case.
- Try signing in via Microsoft Entra admin center:
- If the tenant has been blocked for more than 20 days
- After 20 days in the blocked state, the tenant is deleted and cannot be restored.
- In that case, the only option is to create a new tenant (and, if needed, a new Azure subscription) and continue from there.
- If completely locked out and cannot open a ticket online
- Use the global support phone numbers for Azure to reach Microsoft and request help with a blocked/inactive tenant, as described in the “Tenant inaccessible due to inactivity” guidance.
- If the tenant is already beyond the recovery window, support will confirm that it cannot be reactivated.
- Workaround to continue using Azure if the old tenant is unrecoverable
- Sign in to
https://entra.microsoft.com/. - Go to Entra ID → Overview → Manage tenants and create a new tenant.
- Note the new tenant’s domain name (for example,
xxx.onmicrosoft.com). - Then sign in to the Azure portal using:
https://portal.azure.com/xxx.onmicrosoft.com - From this new tenant, create a new subscription and continue using Azure.
- Sign in to
Because sign-in is blocked, a standard portal-based support ticket is not possible; using the tenant admin plus the Azure global support phone numbers within the 20‑day window is the supported recovery path. After that window, only creating a new tenant is available.
References: