Select Language:
If you’re seeing the error message AADSTS16000 when trying to sign into a Microsoft service, it typically means your account isn’t recognized in the Azure Active Directory (Azure AD) tenant you’re attempting to access. This can happen if your account isn’t registered as a user or guest in that tenant, or if you’re using a personal Microsoft account on a tenant that only allows organizational accounts. It might also be caused by the application’s settings not supporting your account type.
Here’s a simple way to fix the problem:
First, ask the admin of the Azure AD tenant to add your account as a guest user. They can do this easily in the Microsoft Entra admin center by navigating to Users > New guest user. If you’re coming from a different tenant or using a personal account, this step is essential.
Next, check the application’s sign-in settings. Make sure the app allows your account type. In the app registration, there’s a setting called signInAudience, which should match your account type—either organizational or personal. For multi-tenant apps, both Azure AD and personal Microsoft accounts should be permitted.
Also, ensure you’re signing in using the right URL for the tenant. It should look something like this: https://login.microsoftonline.com/{tenant-id}/. Replace {tenant-id} with your actual tenant’s ID.
Before trying again, sign out completely from all Microsoft accounts in your browser. Then, sign back in using the account that belongs to the target tenant.
Finally, the tenant admin can verify whether your user account exists or has been invited. They can do this through the Microsoft Entra admin center or by using the Microsoft Graph API.
If these steps work for you, please consider clicking “Accept as Answer” to help others who might be facing the same issue.
ChatGPT
Perplexity
Gemini AI
Grok AI
