Unable to Sign-In in Work Account on iPhone

Ahad Alam 5 Reputation points
2025-01-31T11:02:10.8666667+00:00

One of the users in our org is having trouble signing in to Work Account on their iPhone.

Steps followed for Enrolment:

  • Open the Settings app on your device.
  • Select General.
  • Select VPN & Device Management.
  • Click: “Sign In to Work or School Account…”
  • Enter your Company email address and click Continue
  • Sign in using Microsoft credentials, and accept your MFA push
  • You will get a pop-up message saying, “Do you trust abc-company.com?” Click Continue
  • Gets the error pop-up


History

  • The user was previously enrolled using the same device. Had to remove the device from Entra due to some reason and re-enrol. (Can't find the old reason, case was escalated to me later on)

Troubleshooting Steps:

  • Removed Device from Entra and Intune.
  • Uninstalled Company Portal and reinstalled.
  • Verified the Work Account is not logged in on the phone.
  • Reset the user's MFA and uninstalled/reinstalled and re-configured Authenticator App for MFA.
  • Tried changing default phone browser from Safari to Edge.

Good to know stuff:

  • Our Company's Conditional Access Policy does not allow our accounts to be logged in on Non-Compliant Devices. The Phone devices become compliant after the user signs in to Work Account and Company Portal.
  • Device Model: iPhone 15 Pro Max
  • iOS: 18.2

Error:

Sorry, but we're having trouble signing you in.

AADSTS165000: Invalid Request: The request tokens do not match the user context. Do not copy the user context values (cookies; form fields; headers) between different requests or user sessions; always maintain the ALL of the supplied values across a complete single user flow. Failure Reasons:[Token values do not match;)

Microsoft Security | Intune | Microsoft Intune iOS
Microsoft Security | Intune | Enrollment
Microsoft Security | Microsoft Authenticator

1 answer

  1. Crystal-MSFT 53,986 Reputation points Microsoft External Staff
    2025-02-03T02:14:11.3666667+00:00

    @Ahad Alam, Thanks for posting in Q&A. For the error message AADSTS165000, it indicates that the request tokens do not match the user context, which can happen if there are inconsistencies in the authentication flow.

    For the affected device, I would like to know which enrollment method we use to enroll. In general, if this is not a personal device, the device needs a factory reset when we do enrollment.

    https://learn.microsoft.com/en-us/mem/intune/fundamentals/deployment-guide-enrollment-ios-ipados#related-articles

    If this is a personal device, please unenroll the device from Intune, clear all the company accounts on the device and enroll again to see if it can work.

    Clear Safari Cookies and Data:

    Go to Settings > Safari > Clear History and Website Data. This can help ensure there are no old cookies or cached data causing issues.

    Please try the above suggestions and if there's any update, feel free to let us know.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
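
Added example (not part of the question or the answer above, and not Microsoft's code): a simplified Python model of the check that the AADSTS165000 message describes, where a flow token sent in a form field must match the user context carried in a cookie. The HMAC binding, the function names and the key are assumptions for illustration; the model shows why browser state left over from an earlier enrollment attempt yields "Token values do not match" and why a flow started from clean state succeeds.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # constructed key, demo only


def _bind(ctx):
    """Derive the flow token that belongs to one user-context value."""
    return hmac.new(SERVER_KEY, ctx.encode(), hashlib.sha256).hexdigest()


def start_flow():
    """Begin a sign-in: return (context cookie, flow token for the form field)."""
    ctx = secrets.token_hex(16)
    return ctx, _bind(ctx)


def complete_flow(cookie_ctx, form_token):
    """Accept the request only if the form token was issued for this cookie."""
    if cookie_ctx is None:
        return "rejected: no user context"
    if not hmac.compare_digest(_bind(cookie_ctx), form_token):
        return "rejected: token values do not match"
    return "ok"


def simulate(stale_cookie_in_browser):
    """Model a browser that may still hold a context cookie from an older flow."""
    old_ctx, _old_token = start_flow()   # earlier enrollment attempt
    new_ctx, new_token = start_flow()    # current attempt
    # Leftover state: the old cookie is sent together with the new form token.
    sent_cookie = old_ctx if stale_cookie_in_browser else new_ctx
    return complete_flow(sent_cookie, new_token)


if __name__ == "__main__":
    print("clean browser state :", simulate(False))
    print("stale cookie present:", simulate(True))
```
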

