AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.

Gregory Semedo 20 Reputation points
2024-02-15T17:32:02.04+00:00

2024-15-18-33-43

i got this error when connecting in security defender, with global secure access connected, i setup the policy with the traffic ms365 but i can access everything except security.defender. Does defender have an issue with global secure access ?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
{count} votes

2 answers

Sort by: Most helpful
  1. Carl Sinclair 5 Reputation points
    2025-02-04T12:55:39.79+00:00

    If you do not see any Conditional Access policies listed (we didn't), check the basic info and see if there is a different tenant ID. For our issue, we believe the other tenant has a conditional access policy causing our issue.

    1 person found this answer helpful.

  2. Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator
    2024-02-16T01:16:05.61+00:00

    @Gregory Semedo ,

    Thank you for your post! The error message indicates that the access policy does not allow token issuance. This can happen when a user or application tries to access a resource that is protected by a Conditional Access policy, but the policy conditions aren't met. To know for certain what is being blocked, you will need to gather more details.

    Under Microsoft Entra ID > Sign-in logs , you can select the failed sign-in log and view the Conditional Access tab to get more details about why the Conditional Access conditions were not met and which policies applied.

    User's image

    Then if you select the policy details you should be able to see which conditions applied.

    If you still do not see enough information to isolate the issue, please let me know.

    Additional reading:

    If the information was helpful to you, please Accept the answer. This will help us as well as others in the community who may be researching similar questions.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.