![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 95%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Other
Additional Microsoft Entra services and features related to identity, access, and network security
The error interaction_required: AADSTS5000225: This tenant has been blocked due to inactivity means the Microsoft Entra tenant associated with the account has been marked inactive and blocked. In this state, sign-in to Azure (including portal.azure.com) is intentionally prevented.
Key points from the tenant lifecycle behavior:
- When a tenant is inactive for an extended period, Microsoft blocks sign-in with error AADSTS5000225.
- Administrators can request reactivation only within 20 days of the tenant entering the inactive (blocked) state.
- If the tenant remains in this state for more than 20 days, it is deleted and cannot be recovered.
To proceed, use the path that matches the situation:
- If the tenant was blocked less than 20 days ago and admin access exists
- A global administrator for the tenant must contact Microsoft support to request reactivation.
- Use the global support phone numbers listed at: global support phone numbers.
- Do not open multiple support cases for the same tenant; wait for the decision on the first request.
- If the tenant has been blocked for more than 20 days
- The tenant will have been deleted and is not recoverable.
- In this case, a new tenant must be created to continue using Azure or Entra ID.
- Additional workarounds seen in similar cases
- Some users with free/trial accounts have been able to:
- Sign out of all Microsoft accounts and clear browser/site data, then sign in again.
- Sign in directly to a specific tenant in the Azure portal using its tenant ID or tenant name in the URL, for example:
-
https://portal.azure.com/<TenantId> -
https://portal.azure.com/<yourTenantName>.onmicrosoft.com
-
- If access to Entra is possible, go to
https://entra.microsoft.com, then Entra ID → Overview → Manage tenants, and create a new tenant. After that, sign in to Azure portal using the new tenant domain (for examplehttps://portal.azure.com/xxx.onmicrosoft.com) and work from the new tenant.
- Some users with free/trial accounts have been able to:
If none of the browser/URL workarounds help and the tenant is still within the 20‑day reactivation window, the only supported way to unblock it is for a tenant admin to contact Microsoft support as described above.
References: