Hackathon Access Issue - AADSTS500200 Error for ******@gmail.com

Karthikeya 0 Reputation points

Hi Support Team,

I am participating in the Agents League Hackathon, but I am unable to log into the Innovation Studio platform. I keep receiving an identity tenant rejection error indicating my personal Microsoft account is not supported.

Could you please verify if my email has been explicitly invited as a Guest to your tenant organization, or re-trigger the platform activation invitation to my email?

Here are my technical error details for reference:

  • User Account: ******@gmail.com
  • Request Id: 7e592b2e-507b-4e8c-92cf-c7044c3b0800
  • Correlation Id: 019edbb5-9d19-7289-89da-9061532b194f
  • Timestamp: 2026-06-18T17:10:04Z
  • Error Message: AADSTS500200 (Personal Microsoft accounts are not supported)

Thank you for your help !!!

0 comments No comments
Sign in to comment

1 answer

  1. AI answer

    The error AADSTS500200 (Personal Microsoft accounts are not supported) means the application is configured to block personal Microsoft accounts (MSA) and/or is not set up to accept the type of account being used.

    From the provided details, there are two likely configuration issues on the hackathon tenant side:

    1. App registration sign-in audience is too restrictive
      If the app is registered as single-tenant or does not support personal accounts, personal Microsoft accounts (like *@gmail.com MSAs) cannot sign in. Required admin action in the hackathon tenant:
      1. In the Azure portal, go to App registrations and open the app used by Innovation Studio.
      2. Open Manifest.
      3. Check the signInAudience value. To allow non-tenant users, it must be one of:
        • AzureADandPersonalMicrosoftAccount
        • AzureADMultipleOrgs
        • PersonalMicrosoftAccount
      4. If it is not one of these values, the app registration must be recreated with the correct account type selected, because signInAudience cannot be edited directly in the manifest.
    2. Wrong sign-in endpoint (authority) is being used
      Even if the app supports multiple orgs or personal accounts, using a tenant-specific authority like https://login.microsoftonline.com/<tenant> will block users from other orgs or MSAs. Required developer/config action:
      • Set the authority/sign-in URL according to the app type:
        • Multitenant org-only: https://login.microsoftonline.com/organizations
        • Multitenant + personal accounts: https://login.microsoftonline.com/common
        • Personal accounts only: https://login.microsoftonline.com/consumers
      • Configure this URL in the app’s Authority setting as per the Microsoft identity platform guidance.
    3. Guest invitation requirement
      If the app is truly tenant-only (single-tenant) by design, then a personal account can only access it if:
      • The user is invited as a guest into the resource tenant, and
      • The app is intended to be used by guests.
      Required admin action in that case:
      • Follow the guest invitation process described in the Microsoft Entra B2B quickstart to invite the *@gmail.com address as a guest to the tenant.

    For the hackathon participant:

    • This issue cannot be fixed from the participant side. The hackathon organizers’ tenant admin or app owner must either:
      • Reconfigure the app to support personal Microsoft accounts (change sign-in audience and authority), or
      • Explicitly invite the *@gmail.com address as a guest and ensure the app is accessible to guests.

    Providing the organizers with the error code, request ID, correlation ID, and timestamp (as already done) will help them confirm the exact cause in their sign-in logs.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.
Sign in to answer

Your answer