Low severityauthentication
Power BI Error:
AADSTS90124
What does this error mean?
The requested resource cannot be accessed via the v2.0 /common or /consumers endpoints — a tenant-specific or /organizations endpoint is required.
Common causes
- 1Authority URL set to https://login.microsoftonline.com/common or /consumers while requesting a v1-only resource (e.g. Power BI Service, Azure Data Factory, Azure Management).
- 2MSAL/ADAL client configured with TenantId = 'common' or 'consumers' for a workload that requires a single-tenant or work-account context.
- 3Custom API exposed as a v1 resource (resource URI scope) being requested through the v2.0 /common endpoint instead of /organizations.
- 4Personal Microsoft accounts (MSA) flow hitting /consumers for a resource that only supports work/school accounts.
- 5Embedded Power BI / Fabric scenarios where the embedding app uses /common but the target capacity / resource is tenant-bound.
How to fix it
- 1Change the authority from https://login.microsoftonline.com/common (or /consumers) to https://login.microsoftonline.com/organizations, or — preferred — to your specific tenant ID: https://login.microsoftonline.com/{tenant-id}.
- 2In MSAL: set the Authority or TenantId property to the tenant GUID or 'organizations'; in ADAL: update the AuthenticationContext URL accordingly. Rebuild and redeploy the client.
- 3If using v2.0 scopes (.default / scope URIs) for a v1-only resource, switch the request to use the /organizations endpoint, since v1 resources are not addressable via /common in the v2.0 protocol.
- 4Verify in the Entra ID (Azure AD) app registration under 'Authentication' that 'Supported account types' matches your sign-in flow (Single tenant or Multitenant — accounts in any organizational directory), and that you are not targeting 'Personal Microsoft accounts'.
- 5For Power BI / Fabric / ADF integrations, hard-code the home tenant ID in the connection string or service principal config rather than relying on /common discovery.