Microsoft 365 Business Premium: sole Global Administrator unable to sign in — MFA push notifications no longer received in Microsoft Authenticator

Service

Microsoft 365 Business Premium (trial subscription), Microsoft Entra ID, Microsoft Authenticator (push notifications method).

Scenario

I am the sole Global Administrator of a Microsoft 365 Business Premium tenant currently in trial period. I need to sign in to admin.microsoft.com to manage users, security, billing and the upcoming end-of-trial conversion. There is no second Global Administrator (break-glass account) configured in the tenant.

Result

Since 9 May 2026, the MFA verification step fails on every sign-in attempt at login.microsoftonline.com: Microsoft Authenticator no longer receives the push notification that should appear after entering the administrator password. The notification simply never arrives in the app, and no error code is returned by the browser — the sign-in flow remains indefinitely on the "Approve sign-in request" screen.

Environment

• Subscription: Microsoft 365 Business Premium — trial period started 20 April 2026, scheduled to end 20 May 2026 (first automatic charge on that date)

Authentication policy: MFA via Microsoft Authenticator push notifications, registered on a single mobile device, no alternative second factor configured (no SMS, no phone call, no FIDO key, no Windows Hello) Sign-in entry point: login.microsoftonline.com (also tested admin.microsoft.com) Mobile OS and Authenticator: latest available version, reinstalled twice, account re-added from a backup Network: tested on multiple networks (Wi-Fi and 4G), other Authenticator-protected accounts on the same device still receive notifications normally — only the M365 admin account is silent

Troubleshooting already performed

Reinstalled Microsoft Authenticator and restored the account from cloud backup — no effect Verified system-level push notifications, battery optimization and data saver settings on the device — Authenticator is allowed Attempted the standard self-service MFA reset via the "I can't access my account" link — not available because no alternative method is registered Submitted a privacy/data request at account.microsoft.com/privacy — auto-acknowledged, no further response yet Attempted to reach support via aka.ms/sslogon and aka.ms/admincall — both URLs redirect to Bing search Attempted to call Microsoft Business Support — the IVR / virtual agent does not route the request to a human and ends the call

Question

What is the correct escalation channel to reach the Customer Account Recovery (CART) team for a sole Global Administrator lockout on a Microsoft 365 Business Premium tenant, when the standard self-service MFA reset is not available (no alternative method registered) and the published aka.ms shortcuts redirect to Bing? Is there a documented form, email address, or phone routing keyword that reliably reaches the dedicated tenant recovery team?

Ownership evidence (Tenant ID, billing details, domain WHOIS, government-issued ID, ability to publish a DNS TXT record on the verified custom domain) can be shared through any private channel that Microsoft indicates.