Live account still gets errors while logging in even after leaving a tenant/org

Espen Fossheim 51 Reputation points
2022-05-23T14:49:32.713+00:00

My live account previously had access to the tenant we use at work as a guest user. I left the tenant but still get errors while logging in where the account tries to access an Azure CLI application. I am not able to remove this error or reference and am out of tips on how to proceed. It tries to access an app that does not exist in a tenant the live user has no access to. Still I get this error.

Failed to authenticate '{'additional_properties': {}, 'id': '/tenants/0000000-0000-0000-0000-000000000000', 'tenant_id': xxxx 'tenant_category': 'Home', 'country': None, 'country_code': None, 'display_name': None, 'domains': None}' due to error 'Get Token request returned http error: 400 and server response: {"error":"invalid_grant","error_description":"AADSTS90072: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant and cannot access the application (Microsoft Azure CLI) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account\r\nTrace ID: c010f233-ed04-451c-9341-63d6bfbf6e00\r\nCorrelation ID: bde1b091-1978-4e34-b7cb-9b5424f736f0\r\nTimestamp: 2022-05-23 13:59:29Z","error_codes":[90072],"timestamp":"2022-05-23 13:59:29Z","trace_id":"c010f233-ed04-451c-9341-63d6bfbf6e00","correlation_id":"bde1b091-1978-4e34-b7cb-9b5424f736f0","error_uri":"https://login.microsoftonline.com/error?code=90072"}'

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. Carlos Solís Salazar 18,201 Reputation points MVP Volunteer Moderator
    2022-05-23T23:43:30.817+00:00

    Hi @Espen Fossheim

    Thank you for asking this question on the **Microsoft Q&A Platform.**

    The error AADSTS90072 has the following description:

    PassThroughUserMfaError - The external account that the user signs in with doesn't exist on the tenant that they signed into; so the user can't satisfy the MFA requirements for the tenant. This error also might occur if the users are synced, but there is a mismatch in the ImmutableID (sourceAnchor) attribute between Active Directory and Azure AD. The account must be added as an external user in the tenant first. Sign out and sign in with a different Azure AD user account.

    Hope this helps,
    Carlos Solís Salazar

    ----------

    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
    NOTE: To answer you as quickly as possible, please mention me in your reply.
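As an added example (not code from the question, the answer, or Microsoft's tooling): a small Python parser for the Azure CLI "Failed to authenticate" line quoted in the question, which pulls out the tenant the CLI was iterating over, the AADSTS code, and the trace and correlation IDs a support case needs, and flags the stale-guest case this thread describes. The sample message and all ids in it are constructed placeholders.

```python
import json
import re

# Constructed sample modelled on the Azure CLI failure quoted in the question;
# the tenant, trace and correlation ids are placeholders, not real values.
SAMPLE_CLI_ERROR = (
    "Failed to authenticate '{'additional_properties': {}, "
    "'id': '/tenants/00000000-0000-0000-0000-000000000000', "
    "'tenant_id': '00000000-0000-0000-0000-000000000000', "
    "'tenant_category': 'Home'}' due to error "
    "'Get Token request returned http error: 400 and server response: "
    '{"error":"invalid_grant","error_description":"AADSTS90072: User account '
    "'{EmailHidden}' from identity provider 'live.com' does not exist in tenant "
    "and cannot access the application (Microsoft Azure CLI) in that tenant."
    "\\r\\nTrace ID: 11111111-1111-1111-1111-111111111111"
    "\\r\\nCorrelation ID: 22222222-2222-2222-2222-222222222222"
    '\\r\\nTimestamp: 2022-05-23 13:59:29Z","error_codes":[90072],'
    '"timestamp":"2022-05-23 13:59:29Z",'
    '"trace_id":"11111111-1111-1111-1111-111111111111",'
    '"correlation_id":"22222222-2222-2222-2222-222222222222",'
    '"error_uri":"https://login.microsoftonline.com/error?code=90072"}\''
)

AADSTS_MEANING = {
    90072: "external account no longer exists in the tenant (stale guest membership)",
}

def parse_token_error(message):
    """Extract the tenant, AADSTS code and support ids from a CLI auth failure."""
    # The CLI wraps the token endpoint's JSON body after 'server response:'.
    found = re.search(r"server response:\s*(\{.*\})", message, re.DOTALL)
    if not found:
        raise ValueError("no token endpoint JSON in message")
    body = json.loads(found.group(1))
    # error_description starts with the AADSTS code, e.g. 'AADSTS90072: ...'.
    code = re.match(r"AADSTS(\d+)", body.get("error_description", ""))
    code = int(code.group(1)) if code else None
    # The leading Python-dict repr names the tenant the CLI was iterating over.
    tenant = re.search(r"/tenants/([0-9a-f-]{36})", message)
    return {
        "tenant": tenant.group(1) if tenant else None,
        "oauth_error": body.get("error"),
        "aadsts_code": code,
        "trace_id": body.get("trace_id"),
        "correlation_id": body.get("correlation_id"),
        "meaning": AADSTS_MEANING.get(code, "unknown AADSTS code"),
        # True when the failure is the stale-guest case from this thread.
        "stale_guest_access": body.get("error") == "invalid_grant" and code == 90072,
    }
```

Feeding the parsed tenant id back into a tenant-scoped login (rather than letting the CLI enumerate every tenant the account was ever a guest in) is the usual way to keep working while the stale membership is sorted out.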


