My Power Automate is not working: Access is blocked by a Conditional Access policy that is blocking issuing of tokens.

Kobaton 126 Reputation points
2022-10-04T01:03:45.63+00:00

I created a Power Automate that retrieves the form content and sends an email when there is a submission on a form created in Microsoft Forms.

It has been working fine until now, but since September 27, an error has been occurring.
The details of the error say "Access is blocked by a Conditional Access policy that is blocking the issuing of tokens."

If anyone knows why this problem is occurring or a solution, please help.

Microsoft Entra ID

2 answers

  1. Dillon Silzer 54,746 Reputation points
    2022-10-04T02:17:15.24+00:00

    Hi @Kobaton

    I recommend looking at your Conditional Access Policies at https://aad.portal.azure.com/#view/Microsoft_AAD_IAM/ConditionalAccessBlade/~/Policies

    You may want to exclude your account from the Conditional Access Policies that are blocking this. You can try searching the Sign-in logs for the failure > click it > check which policy it is being blocked by:

    247159-image.png

    247232-image.png

    --------------------------------

    If this is helpful please accept answer.


  2. JamesTran-MSFT 36,476 Reputation points Microsoft Employee
    2022-10-06T18:17:18.093+00:00

    @Kobaton
    Thank you for your post and adding onto what @Dillon Silzer shared.

    Error Message:
    Access is blocked by a Conditional Access policy that is blocking the issuing of tokens.

    When it comes to troubleshooting sign-in problems with Conditional Access, you can find out which Conditional Access policy or policies applied and why.

    1. Sign in to the Azure portal as a Global Administrator, Security Administrator, or Global Reader.
    2. Browse to Azure Active Directory > Sign-ins.
    3. Find the event for the sign-in to review. Add or remove filters and columns to filter out unnecessary information.
    4. Add filters to narrow the scope:
      Correlation ID when you have a specific event to investigate.
      Conditional access to see policy failure and success. Scope your filter to show only failures to limit results.
      Application to see information related to specific applications.
      Date scoped to the time frame in question.
    5. Once the sign-in event that corresponds to the user's sign-in failure has been found, select the Conditional Access

    For more info - Policy not working as intended

    248168-image.png

    Additional Links:
    Common Conditional Access error codes
    What to do if you're locked out of the Azure portal?
    Troubleshooting sign-in problems with Conditional Access

    I hope this helps!

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
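
The sign-in log triage that both answers describe, as an added example that is not part of either answer: it takes sign-in records exported as JSON, applies the filters from step 4 (application, correlation ID, date range) and names the enforced policy that failed. The record shape is assumed to follow the Microsoft Graph `signIn` resource; the sample records and the helper names `_rec`, `blocked_signins` and `policy_counts` are constructed for illustration.

```python
from collections import Counter
from datetime import datetime

# Constructed sample sign-in records, shaped like the Microsoft Graph signIn
# resource. Every name, ID and timestamp below is made up for illustration.
def _rec(when, user, app, corr, status, policies):
    return {"createdDateTime": when, "userPrincipalName": user, "appDisplayName": app,
            "correlationId": corr, "conditionalAccessStatus": status,
            "appliedConditionalAccessPolicies":
                [{"displayName": n, "result": r} for n, r in policies]}

SAMPLE_SIGNINS = [
    _rec("2022-09-27T08:15:02Z", "flow.owner@example.com", "Power Automate (sample)", "corr-0001",
         "failure", [("Require MFA (sample)", "success"),
                     ("Block untrusted locations (sample)", "failure"),
                     ("Pilot: compliant device (sample)", "reportOnlyFailure")]),
    _rec("2022-09-27T09:00:00Z", "flow.owner@example.com", "Mail (sample)", "corr-0002",
         "success", [("Require MFA (sample)", "success"),
                     ("Pilot: compliant device (sample)", "reportOnlyFailure")]),
    _rec("2022-09-20T10:00:00Z", "other.user@example.com", "Portal (sample)", "corr-0003",
         "failure", [("Block legacy authentication (sample)", "failure")]),
    _rec("2022-09-28T07:30:00Z", "flow.owner@example.com", "Power Automate (sample)", "corr-0004",
         "failure", [("Block untrusted locations (sample)", "failure")]),
]

def _ts(value):
    # Sign-in timestamps are ISO 8601 in UTC with a trailing "Z".
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def blocked_signins(signins, app=None, correlation_id=None, since=None, until=None):
    """Sign-ins that Conditional Access failed, with the enforced policies that failed."""
    hits = []
    for s in signins:
        when = _ts(s["createdDateTime"])
        if (s.get("conditionalAccessStatus") != "failure"
                or (app and s.get("appDisplayName") != app)
                or (correlation_id and s.get("correlationId") != correlation_id)
                or (since and when < _ts(since)) or (until and when > _ts(until))):
            continue
        # Report-only results (reportOnlyFailure) never block a token, so only
        # an enforced "failure" identifies the policy to review.
        failed = [p["displayName"] for p in s.get("appliedConditionalAccessPolicies", [])
                  if p.get("result") == "failure"]
        hits.append({"when": s["createdDateTime"], "user": s["userPrincipalName"],
                     "correlationId": s["correlationId"], "policies": failed})
    return hits

def policy_counts(hits):
    """How many blocked sign-ins each policy accounts for."""
    return Counter(name for h in hits for name in h["policies"])
```

Counting blocked sign-ins per policy shows whether one policy explains every failure for the flow's account before anyone considers changing or excluding anything.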