Solution for “AADSTS90072: User Account from identity provider does not exist in tenant and cannot access application” error in SharePoint Online
Problem: A guest user in SharePoint Online gets the following error when trying to open a SharePoint Online site: “AADSTS90072: User Account ‘User@Domain.com’ from identity provider ‘https://sts.windows.net/…’ does not exist in tenant ‘Tenant-Name’ and cannot access the application in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account”. The external sharing setting for the tenant is set to “Existing guests”.
Root Cause and Solution:
The error is returned by Azure AD, not by SharePoint: the account that is trying to sign in has no guest user object in your Azure AD tenant, so the token request for the SharePoint application is rejected before any site permissions are evaluated. In other words, either the external user was never added (invited) as a guest in Azure AD, or the user was invited but has not yet redeemed the invitation. With the sharing setting “Existing guests”, SharePoint will only share with guests that are already in the directory and will not create a new invitation on its own, so this error is the expected outcome for an unknown external account. The right fix is to get the guest into the directory, not to relax the tenant sharing setting to allow new guests.
To resolve the issue, first check whether a user object for that e-mail address exists in the Azure AD tenant (Azure portal, Users, filter on user type Guest). If the user does not exist, invite them as a guest in Azure AD. If the user exists, check the invitation state (“Invitation accepted” versus “Invitation pending”); if it is still pending, ask the user to accept the invitation, resending it if they no longer have the original mail. Make sure the user signs in with the same identity that was invited, since a different account from the same identity provider will hit the same error.
Once the guest user accepted the invitation, they could access the shared site without further issues.
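The check-and-invite procedure above, scripted with the Microsoft Graph PowerShell SDK. This is an added example and not code from the original article; it assumes the Microsoft.Graph module is installed, that the admin running it can consent to the User.Read.All and User.Invite.All scopes, and that $GuestEmail and $SiteUrl are placeholders you replace with the address from the AADSTS90072 message and the site the guest was trying to open.

```powershell
# Added example (not part of the original article). Assumes the Microsoft Graph
# PowerShell SDK (Install-Module Microsoft.Graph) and an admin able to grant
# User.Read.All and User.Invite.All. $GuestEmail / $SiteUrl are placeholders.
param(
    [Parameter(Mandatory)][string]$GuestEmail,   # address shown in the AADSTS90072 message
    [Parameter(Mandatory)][string]$SiteUrl       # SharePoint site the guest tried to open
)

Connect-MgGraph -Scopes "User.Read.All", "User.Invite.All" | Out-Null

# Step 1: does any user object for this address exist in the tenant?
# Guest UPNs are mangled (user_domain.com#EXT#@tenant.onmicrosoft.com), so filter on mail.
$guest = Get-MgUser -Filter "mail eq '$GuestEmail'" `
                    -Property Id, UserPrincipalName, UserType, ExternalUserState, ExternalUserStateChangeDateTime

if (-not $guest) {
    # This is exactly the AADSTS90072 condition: Azure AD has nothing to issue a token for.
    Write-Host "No account for $GuestEmail in this tenant. Creating a B2B invitation..."
    $invite = New-MgInvitation -InvitedUserEmailAddress $GuestEmail `
                               -InviteRedirectUrl $SiteUrl `
                               -SendInvitationMessage
    Write-Host "Invitation sent. Redeem URL: $($invite.InviteRedeemUrl)"
    return
}

# Step 2: the object exists; report whether the invitation was ever redeemed.
"{0}: UserType={1}, ExternalUserState={2}, last state change {3}" -f `
    $guest.UserPrincipalName, $guest.UserType, $guest.ExternalUserState, $guest.ExternalUserStateChangeDateTime

if ($guest.UserType -eq 'Guest' -and $guest.ExternalUserState -eq 'PendingAcceptance') {
    # Invited but never accepted. Calling the invitation API again for an existing
    # guest resends the mail instead of creating a duplicate user object.
    Write-Host "Invitation still pending. Resending so the user can redeem it..."
    $invite = New-MgInvitation -InvitedUserEmailAddress $GuestEmail `
                               -InviteRedirectUrl $SiteUrl `
                               -SendInvitationMessage
    Write-Host "Invitation resent. Redeem URL: $($invite.InviteRedeemUrl)"
}
elseif ($guest.ExternalUserState -eq 'Accepted') {
    # Directory side is fine; AADSTS90072 should not occur for this identity.
    # If the user still cannot get in, check site or group membership, or whether
    # they are signing in with a different account than the one that was invited.
    Write-Host "Invitation already accepted. Check site permissions and the account the user signs in with."
}
else {
    # Member accounts or unexpected states: do not invite, investigate first.
    Write-Host "Unexpected state (UserType=$($guest.UserType)); review before inviting."
}
```

The script deliberately never touches the tenant sharing setting: under “Existing guests” the guest must be present in Azure AD before a share can succeed, and creating or resending the invitation is the least-privilege way to get there.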