What causes AADSTS50085?

The original authentication was performed via a social or external IdP (Microsoft account, Google, Facebook) that does not support silent refresh. B2B guest user whose home tenant or social IdP session has expired. Azure AD B2C user flow where the refresh token lifetime exceeds the social IdP's session lifetime. Power BI / Fabric data source credentials stored under a guest or external account whose IdP session expired. Conditional Access or MFA policy on the external IdP forces interactive re-login

How do I fix AADSTS50085?

Have the affected user sign out completely and sign in again interactively (username + password) at the original IdP — silent token refresh will not work. In Power BI Service, open the dataset/dataflow → Settings → Data source credentials → Edit credentials and reauthenticate with OAuth2. For Azure Data Factory / Synapse / Fabric pipelines: open the linked service and re-enter credentials interactively so a fresh refresh token is issued. If this is a B2B guest scenario, verify the guest still has an active session in the home tenant; reset the invitation if the account is stale. For recurring failures, switch the data source from a personal/social account to a service principal or managed identity so refresh no longer depends on interactive IdP sessions

Low severityauthentication

Power BI Error:
AADSTS50085

What does this error mean?

The refresh token can't be silently renewed because the user originally signed in via a social/external identity provider.

Common causes

1The original authentication was performed via a social or external IdP (Microsoft account, Google, Facebook) that does not support silent refresh
2B2B guest user whose home tenant or social IdP session has expired
3Azure AD B2C user flow where the refresh token lifetime exceeds the social IdP's session lifetime
4Power BI / Fabric data source credentials stored under a guest or external account whose IdP session expired
5Conditional Access or MFA policy on the external IdP forces interactive re-login

How to fix it

1Have the affected user sign out completely and sign in again interactively (username + password) at the original IdP — silent token refresh will not work
2In Power BI Service, open the dataset/dataflow → Settings → Data source credentials → Edit credentials and reauthenticate with OAuth2
3For Azure Data Factory / Synapse / Fabric pipelines: open the linked service and re-enter credentials interactively so a fresh refresh token is issued
4If this is a B2B guest scenario, verify the guest still has an active session in the home tenant; reset the invitation if the account is stale
5For recurring failures, switch the data source from a personal/social account to a service principal or managed identity so refresh no longer depends on interactive IdP sessions

Frequently asked questions

What does AADSTS50085 mean?

Refresh token needs social IDP login. Have user try signing-in again with username -password

How do I fix this error?

Check your application registration, token configuration, and user permissions in the Azure portal. Review Conditional Access policies if the error is policy-related.

Source · learn.microsoft.com/en-us/entra/identity-platform/reference-error-codes#aadsts-error-codes