Medium severityauthentication
Power BI Error:
AADSTS16000
What does this error mean?
The signed-in user account doesn't exist in the target Microsoft Entra ID (Azure AD) tenant and can't access the app.
Common causes
- 1The user is signing in with a personal Microsoft Account (outlook.com/hotmail.com/live.com) to a tenant that only allows work or school accounts
- 2The user belongs to a different Microsoft Entra ID tenant and has never been invited as a B2B guest in the target tenant
- 3A guest invitation was created but never redeemed, or the guest user was deleted/soft-deleted from the target tenant
- 4The wrong account is selected from the account picker because multiple accounts are cached in the browser session
- 5The application's sign-in audience is set to single-tenant while the user lives in another tenant or identity provider
How to fix it
- 1Sign out fully (https://login.microsoftonline.com/logout.srf), clear cached accounts in the browser, and sign back in with an account that belongs to the target tenant — confirm the UPN domain matches the tenant
- 2If you must use an external account, ask a tenant admin to invite the user via Microsoft Entra ID > External Identities > Users > Invite external user, and complete the invitation redemption email
- 3Verify the user object exists in the target tenant under Entra ID > Users (check userType = Guest for external users) and that the account is not blocked or soft-deleted
- 4For Power BI / Fabric / ADF: confirm the workspace, dataset, or linked-service is in the same tenant as the signing-in account, or that cross-tenant B2B access is configured for that workspace
- 5If the app is single-tenant, switch the app registration's 'Supported account types' to multi-tenant or add the external user as a guest — personal MSA accounts also require 'Personal Microsoft accounts' to be enabled