Error code AADSTS50020 when accessing the AAD control panel

つくし 二葉 1 Reputation point
2022-03-28T14:55:16.547+00:00

When I access the AAD control panel, a prompt pops up in the upper right corner:

门户在获取身份验证令牌时出错。呈现的体验可能会下降。

获取令牌的调用的其他信息:
扩展插件: Microsoft_AAD_IAM
资源: graph
详细信息: The logged in user is not authorized to fetch tokens for extension 'Microsoft_AAD_IAM' because the user account is not a member of tenant 'f8cdef31-a31e-4b4a-93e4-5f571e91255a'. Error details: AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c'(Azure Portal) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
Trace ID: 0fc568a8-a76e-4fe5-9b90-f9de349d7700
Correlation ID: 12ddcc85-15a6-46c6-9c40-f562a048fa23
Timestamp: 2022-03-28 14:36:28Z

门户在获取身份验证令牌时出错。呈现的体验可能会下降。

获取令牌的调用的其他信息:
扩展插件: Microsoft_AAD_IAM
资源: self
详细信息: The logged in user is not authorized to fetch tokens for extension 'Microsoft_AAD_IAM' because the user account is not a member of tenant 'f8cdef31-a31e-4b4a-93e4-5f571e91255a'. Error details: AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c'(Azure Portal) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
Trace ID: 34bc8e06-da08-4b7d-99f9-48ec889a8400
Correlation ID: 6d0df762-8c09-44db-8f2b-0b3d6a52c19d
Timestamp: 2022-03-28 15:10:56Z

Any help would be appreciated.
Thanks in advance.


3 answers

  1. CarlZhao-MSFT 31,971 Reputation points
    2022-03-29T07:15:59.707+00:00

    Hi @つくし 二葉

    Your error message already tells you what the problem is: you can't use a user outside your tenant to log in to an application in your tenant. You need to add your personal account as a guest to your tenant: https://learn.microsoft.com/en-us/azure/active-directory/external-identities/add-users-administrator


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  2. Shweta Mathur 22,651 Reputation points Microsoft Employee
    2022-03-29T07:21:03.9+00:00

    Hi @つくし 二葉

    Thanks for reaching out.

    I understand that you are facing an issue while accessing Azure resources with your account, as you sign in to the Microsoft Services tenant as a standard user with restricted access.

    This error usually occurs when you sign in to the Azure Portal using your personal account, which is not added as an external/guest user to an Azure AD tenant.

    You can ask the global administrator to invite you as a guest user as mentioned here: https://learn.microsoft.com/en-us/azure/active-directory/external-identities/add-users-administrator#add-guest-users-to-the-directory.

    Once you are added to an Azure tenant and you accept the invite sent to you via email, you can access Azure AD to have administrative access to perform all actions.

    Thanks,
    Shweta
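
An added example, not part of the original thread and not Microsoft tooling: a small Python parser that pulls the tenant, identity provider and application out of the AADSTS50020 text quoted in the question, so repeated failures can be grouped by the tenant the sign-in was evaluated against. The field names and regular expressions are assumptions based only on the wording of the two notifications above.

```python
import re
from collections import defaultdict

# Detail text copied from the two portal notifications quoted in the question
# (the trailing advice sentences are omitted; only the correlation ID is kept).
DETAIL = (
    "The logged in user is not authorized to fetch tokens for extension "
    "'Microsoft_AAD_IAM' because the user account is not a member of tenant "
    "'f8cdef31-a31e-4b4a-93e4-5f571e91255a'. Error details: AADSTS50020: "
    "User account '{EmailHidden}' from identity provider 'live.com' does not "
    "exist in tenant 'Microsoft Services' and cannot access the application "
    "'c44b4083-3bb0-49c1-b47d-974e53cbdf3c'(Azure Portal) in that tenant."
)
SAMPLES = [
    DETAIL + "\nCorrelation ID: 12ddcc85-15a6-46c6-9c40-f562a048fa23",
    DETAIL + "\nCorrelation ID: 6d0df762-8c09-44db-8f2b-0b3d6a52c19d",
]

GUID = r"[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}"
# Hypothetical field names; each pattern mirrors a phrase in the error text.
PATTERNS = {
    "extension": r"for extension '([^']+)'",
    "tenant_id": rf"not a member of tenant '({GUID})'",
    "code": r"\b(AADSTS\d+)\b",
    "identity_provider": r"from identity provider '([^']+)'",
    "tenant_name": r"does not exist in tenant '([^']+)'",
    "app_id": rf"the application '({GUID})'",
    "app_name": rf"the application '{GUID}'\(([^)]+)\)",
    "correlation_id": rf"Correlation ID: ({GUID})",
}

def parse_notification(text):
    """Return the fields found in one notification; missing ones are None."""
    out = {}
    for name, pat in PATTERNS.items():
        m = re.search(pat, text, re.IGNORECASE)
        out[name] = m.group(1) if m else None
    return out

def summarize(texts):
    """Group correlation IDs by (code, identity provider, tenant ID, app ID)."""
    groups = defaultdict(list)
    for rec in map(parse_notification, texts):
        key = (rec["code"], rec["identity_provider"], rec["tenant_id"], rec["app_id"])
        groups[key].append(rec["correlation_id"])
    return dict(groups)

if __name__ == "__main__":
    for key, ids in summarize(SAMPLES).items():
        print(key, "->", len(ids), "failure(s):", ", ".join(ids))
```

Both notifications collapse into one group, which shows the `graph` and `self` token requests failed for the same reason: the same account and identity provider evaluated against the same tenant.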


  3. CYNTHIA CANTRELL 0 Reputation points
    2023-08-09T01:08:42.5133333+00:00

    How can I get help with my AADSTS50020 user account with my tenant IDCCANTRELL@BHM.K12.AL.US
