If you encounter the AADSTS5000225 error when trying to sign into Azure, it usually means your Azure Active Directory (Azure AD) tenant has been blocked due to inactivity. This prevents both admins and users from logging in, and can cause serious disruption if you rely on Azure services.
What Causes Error AADSTS5000225?
This error appears when Azure flags your directory as inactive or disabled. Common reasons include:
- No sign-ins to the tenant for a long time.
- The linked Azure subscription or Microsoft 365 license expired.
- Microsoft automatically marked the tenant inactive due to non-usage.
- The tenant has entered the deletion grace period.
When blocked, all authentication attempts fail with the message:
“The tenant has been blocked due to inactivity.”
How to Fix AADSTS5000225 in Azure
1. Sign in with a Global Admin Account
- Try logging in with the Global Administrator account (the one used to create the tenant).
- In some cases, standard users are blocked but admins can still access the Azure Portal.
- Once inside, check the Directory status and subscription health.
2. Reactivate the Subscription
If your tenant is linked to an Azure subscription or Microsoft 365 plan:
- Log in to the Microsoft 365 Admin Center or Azure Portal.
- Navigate to Billing > Subscriptions.
- Check if the subscription is Expired or Disabled.
- Renew or reactivate the subscription.
- Assign at least one active license to users.
This usually restores access automatically.
3. Contact Microsoft Support to Unblock the Tenant
If you can’t log in at all:
- Go to Azure Portal Support.
- Open a support request for Azure Active Directory.
- Provide these details from the error page:
- Tenant ID
- Trace ID
- Correlation ID
- Timestamp
- Microsoft Support can restore the tenant if it’s still in the retention period.
4. Check Tenant Deletion Grace Period
- Inactive tenants are typically retained for 30–90 days before permanent deletion.
- If within the grace window, Microsoft can reactivate it.
- After permanent deletion, the only option is to create a new tenant.
5. Prevent Future Tenant Blocking
To avoid facing this error again:
- Always keep at least one subscription active.
- Ensure admins sign in periodically to show activity.
- Assign at least two Global Admins for recovery access.
- Enable license auto-renewal to prevent accidental expiry.
See also: Azure Policy Error: How to Enable MFA for Tenant Before October 2025
The AADSTS5000225 error means your Azure tenant has been blocked due to inactivity. In most cases, you can fix it by:
- Logging in with a Global Admin account.
- Renewing or reactivating the Azure/Microsoft 365 subscription.
- Opening a Microsoft support ticket with error details.
If the tenant is within the retention period, Microsoft can restore it without creating a new one.
