Forum Discussion
External user (without MS account) can't access Azure Portal
Hi Members,
I need to provide Azure portal access to few external users. They don't have any Microsoft account but only their company email ids, say email address removed for privacy reasons which are not on Microsoft.
When I added them as external user. They received invite and after authentication through one time code received on their emails they were able to login to my apps. But, when they try to login to Azure portal they are getting error message: "We couldn't find an account with that username. Try another, or get a new Microsoft account."
Do they need to link/create a new Microsoft account with their existing email id i.e. email address removed for privacy reasons?
Or is there any way they can use the existing email id to login to Azure portal without creating/linking Microsoft account? As MyApps access worked for them.
- I second that - external user with gmail can connect to myapplications.microsoft.com, but not azure portal with the exact error msg. Did not find the reason yet. AAD->User Settings ->Administration portal (restrict access to Azure AD administration portal) is set to no.
I found a workaround by reading this: https://learn.microsoft.com/en-us/azure/active-directory/external-identities/google-federation#deprecation-of-web-view-sign-in-support
I was able to connect to portal.azure.com/<tennant-id>
Additionally - https://learn.microsoft.com/en-us/training/modules/implement-manage-external-identities/13-configure-identity-providers
Hi mikhailf,
Thank for your response.
Yes, this is happening for all guest accounts, which are not having a linked or actual Microsoft account like email address removed for privacy reasons, email address removed for privacy reasons etc.
I can see the invited user in Azure Active Directory and "External user state" as "Accepted". User is also able to login to MyApps but not to Azure Portal.
Regarding, Go to AAD -> User Settings -> Restrict access to Azure AD administration portal it is set to "No". But I doubt this will make any difference as this for Azure AD Administration portal not for Azure portal.
