I can login to azure , but can't perform any action

Heeraj Nair 0 Reputation points
2024-06-25T02:52:56.4633333+00:00

Getting this error:

Additional information from the call to get a token: Extension: Microsoft_Azure_Support Resource: self Details: The logged in user is not authorized to fetch tokens for extension 'Microsoft_Azure_Support' because the user account is not a member of tenant 'f8cdef31-a31e-4b4a-93e4-5f571e91255a'. Error details: invalid_grant: 50020 - [2024-06-25 02:43:28Z]: AADSTS50020: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c'(Azure Portal) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: 3a3761de-8881-4dbe-b104-a303d7ee8f00 Correlation ID: e2414725-838b-456a-95d3-40c6f8a8e89b Timestamp: 2024-06-25 02:43:28Z - Correlation ID: e2414725-838b-456a-95d3-40c6f8a8e89b - Trace ID: 3a3761de-8881-4dbe-b104-a303d7ee8f00

Can't spin vm and not even raise a support ticket as well

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,481 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anveshreddy Nimmala 3,460 Reputation points Microsoft Vendor
    2024-06-25T05:04:18.88+00:00

    Hello Heeraj Nair,

    Welcome to microsoft Q&A, thankyou for posting your query here.

    According to the error message, Your account isn't allowed to access Azure resources in that particular tenant.

    In Azure portal

    In Profile settings

    Go to Directories and subscriptions .

    select your subscription filter in default subscription filter and you can see in directories ,if you have access to your tenant with your logged in account if not choose different account.

    User's image

    Use a different AAD (azure Active Directory) user account with the required permissions in the f8cdef31-a31e-4b4a-93e4-5f571e91255a tenant . This user should have guest access privileges or be a tenant.

    You may be invited as a guest by the tenant's global administrator, who may then give you restricted access to particular resources.

    Reach out to whoever manages the Azure subscription in your organization.

    As you are lacking permissions to "Microsoft azure support", with this account you cannot raise the support ticket as well.

    Hope this helps you.