Share via

authenticated user is asked to authenticate to Teams when joining external org Teams. errors out.

Thomas Buczkowski (Cloud) 0 Reputation points
2026-04-28T15:40:28.9+00:00

I have a user who is attempting to join Teams calls provided by external organizations. user is authenticated to our Teams. user is prompted to join Teams when choosing external Teams meeting. attempts to follow prompts to sign in error out.

User has no additional accounts listed on app.

other users in our org. (including myself) can join external Teams without issue and while authenticated to our estate.

Microsoft Teams | Microsoft Teams for business | Sign up and Sign in | Sign in
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vy Nguyen 10,400 Reputation points Microsoft External Staff Moderator
    2026-04-28T16:41:08.84+00:00

    Hi @Thomas Buczkowski (Cloud)

    Good day, and I appreciate the way you clearly presented your concern.  

    From your description, you shared that one specific user who is already signed in to your organization’s Microsoft Teams is prompted to sign in again when joining an external organization’s Teams meeting, and the sign in attempt fails.  

    This type of behavior can occur when the authentication tokens or cached credentials stored on your device become outdated or misaligned with your active session. As this issue appears to be isolated to your account rather than affecting the wider organization, it is most likely related to a user-specific configuration on the device itself. In some cases, a conflict between stored sign-in data and the external tenant's authentication request can cause the process to loop or fail entirely. 

    To address this, please follow the steps below in order and test after completing each one to confirm whether the issue has been resolved.  

    1/ Clear the Microsoft teams application & credentials cache 

    Clearing the Teams cache removes outdated temporary files that may be interfering with the sign-in process.  

    In Windows Credential Manager: 

    • Open Credential Manager > Windows Credentials 
    • Remove any entries referencing msteams, microsoftteams, or office 

    Clear Teams app cache: 

    • Fully quit Teams 
    • On Microsoft:  
    • Press Windows + R, then type: %userprofile%\appdata\local\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams  
    • On Mac: Press Command + Q, type: 
    rm -rf ~/Library/Group Containers/[UBF8T346G9.com.microsoft]teams  
rm -rf ~/Library/Containers/com.microsoft.teams2  

    2/ Check for token/account conflicts 

    Even if no additional accounts appear in the Teams UI, there may be stale tokens elsewhere: 

    • Open Windows Settings > Accounts > Access work or school to check for duplicate or ghost entries and remove any that shouldn't be there 
    • Check AAD tokens via dsregcmd /status in Command Prompt and look at the SSO State and Tenant Details sections for anomalies 
    • If the device shows as both Workplace Joined and Azure AD Joined, that can cause auth loops 
    • Reference: Why am I having trouble signing in to Microsoft Teams? - Microsoft Support 

    3/ Test by joining via the Teams web application 

    • As a next step, please open a new InPrivate or Incognito window in your browser and navigate to teams.microsoft.com.  
    • Sign in using your work account and attempt to join the external meeting from there.  
    • If this works successfully, it confirms that the issue is specific to the desktop application and that clearing the cache as outlined in Step 1 should address it going forward. 

    4/ Run the Microsoft teams sign-in diagnostic 

    • If the steps above do not resolve the issue, Microsoft provides a built-in diagnostic tool that can automatically check for account-level sign-in problems and suggest a course of action. 
    • Please go through this link, as running the diagnostic requires access to the Microsoft 365 Admin Center. 
    • Reference: Fix Teams sign-in errors - Microsoft Teams | Microsoft Learn 

    Since the problem is user-specific and not device-wide: 

    • In Entra ID (Azure AD) > Sign-in logs, filter by that user and look for failed sign-in attempts with error codes. This will tell you if Conditional Access is blocking them 
    • Check if the user is in any CA policies that others aren't (e.g., MFA requirements, compliant device policies, location restrictions) 
    • Also check External Access / Guest Access settings though these typically apply org-wide, confirm the user isn't excluded from any permission groups that allow federated access 

    5/ Teams external access policy 

    Verify the user hasn't been inadvertently assigned a custom Teams policy: 

    Connect to Teams PowerShell module Connect-MicrosoftTeams  
Check what policy is assigned to the affected user 
Get-CsOnlineUser -Identity ******@yourdomain.com | Select ExternalAccessPolicy, TeamsUpgradePolicy

    Compare the output against a working user. If the affected user has a different or custom policy assigned, that's your issue. 

    I hope the information I shared earlier was somewhat helpful in addressing your issue. If you have any further questions or updates, please don’t hesitate to share. I’m always happy to assist further if needed.    

    Thank you for your patience and your understanding. I look forward to continuing the conversation. 

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have any extra questions about this answer, please click "Comment".             

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. 

  2. Q&A Assist
    2026-04-28T15:41:03.8133333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    The behavior matches known issues where external meeting joins fail due to how external/anonymous access is configured or how the user is being treated when joining another organization’s meeting.

    Key points from the scenario and context:

    • Other users in the tenant can join external meetings, so this is likely specific to this user’s account or how their sign-in is being handled.
    • When external participants join Teams meetings, they can be treated as:
      • Anonymous users
      • Federated/external authenticated users
      • Guests
    • If external access or anonymous join is misconfigured for this user’s scenario, the join flow can loop or error.

    Admin-side checks and fixes:

    1. Verify external access configuration
      • In the Teams admin center, check External access and ensure the external organizations’ domains are not blocked and are allowed for federated access.
      • External access must be enabled bi-directionally: the external org must also allow this tenant’s domain. If their admin has blocked this tenant, the user may only be able to join as anonymous (if allowed) or be blocked.
      • See: manage external access.
    2. Verify anonymous join settings
      • In Meeting settings, confirm Anonymous users can join a meeting is configured as intended.
      • In the meeting policies assigned to users, verify the Anonymous users can join a meeting setting is not disabled for this user if anonymous join is required for external meetings.
      • If anonymous join is disabled at org or policy level, external users who cannot be treated as trusted external/federated users will be blocked or forced into problematic sign-in flows.
    3. Confirm user’s policy assignment
      • Compare this user’s Teams meeting policy and external access-related policies with a colleague who can successfully join external meetings.
      • If this user has a more restrictive policy (for example, anonymous join disabled or external access blocked at user level), align it with the working user’s policy.
    4. Consider guest access
      • If external organizations are adding this user as a guest to their tenant, ensure guest access is enabled in this tenant and that the user can switch orgs and use the correct guest context when joining.
      • See guest access in Teams.

    User-side guidance (for the affected user):

    1. Ensure the correct org/account is used when joining
      • When joining external meetings, especially as a guest, the user may need to:
        • Sign in to Teams desktop with the correct work account.
        • Use the account manager (profile picture → org switch) to select the correct org/guest org if they have been added as a guest.
        • Confirm on the pre-join screen that the correct domain/org is shown; if not, use Change to select the right org.
      • See “Join as a guest” and “Join externally” steps in the guest join guidance.
    2. Try joining from the meeting link directly
      • Use the meeting link from the invitation email and choose to join via browser or desktop app.
      • If prompted to sign in, ensure the same work account that has access to the meeting is used.
    3. If the issue persists only for specific external orgs
      • Ask the external organizer’s admin to verify:
        • Their external access settings allow this tenant’s domain.
        • Their meeting policy allows external/federated or anonymous users as required.

    If the user is being treated as an external/federated user but anonymous join is disabled and external access is blocked or misaligned between the two orgs, the join flow will fail with sign-in prompts and errors. Aligning external access and anonymous join settings as described resolves these issues.

    References:

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.