Microsoft Login Not Possible (AD Group)

Error: AADSTS700016

Symptom: Microsoft login fails

Technical Background: The application cannot be correctly found or assigned in the directory.

In this case, check whether the affected user has been granted the correct permissions for login.

If this error occurs in your setup, it means that the user has not been added to the correct Active Directory group. For the login to work, the user must be assigned to the appropriate Active Directory group.

Microsoft Login Not Possible (External)

Symptom: Microsoft login fails

Message: User account does not exist in the tenant

Cause: The account is not properly configured in the target tenant or does not have the required permissions.

Solution: Provision the user in the tenant or, in your case, add the user to the correct Active Directory group

If, during Microsoft login, the message appears stating that the selected user account does not exist in the tenant and cannot access the application, this is usually due to a permissions or tenant configuration issue. Microsoft describes this scenario as the account not existing in the respective Microsoft Entra tenant, meaning it must first be added as an external user before access can be granted.