This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 54%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPP%3C/text%3E%3C/svg%3E)
When I try to get an access token like this
$client_id = 'TU_CLIENT_ID';
$redirect_uri = 'TU_URL_DE_REDIRECTION';
$auth_url = "https://login.microsoftonline.com/TU_DIRECTORY_ID/oauth2/authorize" .
"?client_id=$client_id" .
"&response_type=code" .
"&redirect_uri=$redirect_uri" .
"&response_mode=query" .
"&resource=https://ads.microsoft.com" .
"&scope=bingads.manage";
header("Location: $auth_url");
Redirects me to login and shows me the following error
The selected user account does not exist in the "Microsoft Services" tenant, so the application "XXXXXXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXXXXXXXXXXXXXXXX" cannot be accessed from this tenant. To do this, first of all you need to add the account as an external user in the tenant. Use another account.
How do I add the tenant? it is not clear in the documentation.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Pablo Peralta ,
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Hi @Pablo Peralta ,
Thanks for reaching out.
I understand you are trying to get the access token and registered the application in the "Microsoft Tenant".
Since you are connected to the Microsoft Services tenant as a standard user with restricted access, you cannot perform actions such as creating new users, groups, enterprise applications, and so on. To perform administrative actions, you must have administrative access to the tenant.
For this purpose, you need to create your own tenant rather than using the Microsoft Services (f8cdef31-a31e-4b4a-93e4-5f571e91255a) tenant. When you create a new tenant, you by default become the Global Administrator of the new tenant and have full access to all the options in that tenant.
To create a new tenant, open in-private/incognito browser window (just to avoid SSO), access https://azure.microsoft.com/en-us/free/ to create a free Azure account.
Once the new account is created, you should be able to see and switch to the new tenant by clicking on the settings icon as highlighted below:
Refer the similar ask: https://video2.skills-academy.com/en-us/answers/questions/1377925/issue-while-logging-in-to-azure-entra-portal-aadst
Hope this will help.
Thanks,
Shweta
Please remember to "Accept Answer" if answer helped you.
After trying what I was recommended, I have the following doubt. Is it necessary to have a working account (contracting any service or making payments) to obtain the access token and the tenant, as well as to obtain the spend of my ads?
Apologies for late response. I was on leave.
To access the directory, you need to have work account. You can create free account as well to get the access token. To access the resources, you need to pay for subscription, but you can obtain access token and access the tenant from free account as well.
Hope this answer your query.
Thanks,
Shweta
Please remember to "Accept Answer" if answer helped you.