The account needs to be added as an external user in the tenant first - AADSTS50020

Question

Experiencing authentication issues
The portal is having issues getting an authentication token. The experience rendered may be degraded.

Additional information from the call to get a token:
Extension: fx
Resource: jarvis
Details: AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c'(Azure Portal) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
Trace ID: e198db53-ed9d-4647-9349-cb05413b7f00
Correlation ID: 949c25ac-bbd1-47c8-8587-7362ffffb59f
Timestamp: 2021-11-24 01:33:12Z

---

How to fix this issue due to this azure active directory i'm unable to get the primary domain field with the default domain "onmicrosoft.com"

Answer 1

Error message:
"Details: AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c'(Azure Portal) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account."

This error message can occur if you have a subscription that is recently expired, inactive, or orphaned. To resolve this, you will either need to claim a new Azure subscription or transfer the subscription to a new account. I would recommend opening a support case for this as you may need internal help to resolve this (depending on which issue this is).

Here is a link that also provides some helpful information on orphaned accounts. https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/resolve-orphaned-organization?view=azure-devops#:~:text=An%20organization%20is%20considered%20orphaned%20when%20the%20organization,way%20of%20transferring%20administrator%20rights%20to%20another%20user.

If you send me an email (included in the private comment), I will gladly open a one-time free support case to help resolve this issue.

There are other possibilities for this error message, but most often I see it because of the subscription issue. However, I would also recommend trying the following:

That message can happen if you have a personal "Microsoft" account using the same email address as your O365 "Work or School" account. To resolve this, go to microsoft.com/accounts using an incognito browser so that no credentials carry over, and choose the Microsoft account when logging in.

Answer 2

Hi, I have the same problem. What's your email Marilee? Thanks in advance!

Answer 3

I managed to do it by closing down the pop-up windows and then selecting 'sign out' to sign out of the previous teams tenant.

Hope it helps!

Answer 4

Hi Marilee

I have the same problem. I used to have 3 diffrent accounts, one private, one school and one for work and now the school one is expired and i can not enter the one for work. means online everythings works but on my laptop i can not connect my microsoft account to onedrive. can you may help me with that? Thank you so much in advance!

Answer 5

I am also experiencing this problem. Can someone help me?

I seem to have created two accounts. I will happily close one to sort this out, but can't.

I get this message: "Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application '1fec8e78-bce4-4aaf-ab1b-5451cc387264' in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account."

Thank you, Simon