Logo
Subscribe
Resolving the SharePoint Online Guest user error: Account does not exist in the tenant
SharePoint; Entra ID

Resolving the SharePoint Online Guest user error: Account does not exist in the tenant

31 March 2026 By Hal Sclater

How to resolve the error that guest users receive when accessing shared content from SharePoint Online.

A common cause is when the external user changes their primary email address, UPN, or both. This guide also helps with related identity mismatch scenarios.

Background

  • Someone shares a site, file, or folder with an external user.
  • With SharePoint Entra B2B integration enabled, a guest account is created automatically.
  • Later, the external user changes email, UPN, domain, or identity provider in their home tenant.
  • They then receive the message: Account does not exist in the tenant.

Why this error appears

The guest object in your tenant is tied to an immutable identity reference, not just the current email address. If the guest identity changes, your tenant may still expect the old claim.

Result: Microsoft reports that the account does not exist in the tenant because the stored guest mapping no longer matches the user signing in.

How to fix it

Prerequisites

  • Entra User Administrator role
  • SharePoint admin, or site admin for the affected sites

Main steps

  1. Delete the guest user from Entra ID.
  2. Delete the user from the SharePoint User Information List.

The second step is the one most people miss. It is often required to fully resolve the issue.

Useful URLs

  • /_catalogs/users/simple.aspx
  • /_layouts/15/people.aspx?MembershipGroupId=0

Remove via SharePoint site UI

  1. Go to the affected SharePoint site.
  2. Open /_layouts/15/people.aspx?MembershipGroupId=0
  3. Edit the detail view and add the email field.
  4. Find and delete the user from the list.

Remove using PowerShell

Connect-PnPOnline -Url "https://yourtenant.sharepoint.com/sites/yoursite" -Interactive

# Find the user
$user = Get-PnPUser | Where-Object { $_.Email -eq "oldemail@example.com" }

# Remove the user
Remove-PnPUser -Identity $user.LoginName
# or
$user | Remove-PnPUser

Once complete, the guest should be able to re-access after being re-invited with their current identity.

Back to Blog Need Help?