Unable to authorize the Azure multi tenant application

Yasitha Pandithawatta 101 Reputation points
2024-04-03T01:28:20.7533333+00:00

One of our clients gets below error when they try to authorize our application and requesting our help to determine the root cause.

Your sign-in was successful but you don't have permission to access this resource.

Customer also shared the Sign-in logs where it shows the access is blocked by security defaults.

Sign-in error code: 530035

Grant Controls: Block

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,294 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Harpreet Singh Matharoo 7,396 Reputation points Microsoft Employee
    2024-04-03T07:06:12.7966667+00:00

    Hello @Yasitha Pandithawatta

    Thank you for reaching out to Microsoft QnA Platform. I reviewed the error code and would like to confirm that indeed the error code is for Microsoft Azure Security Defaults. More information on Error below:

    • Error Code: 530035
    • Message: Access has been blocked by security defaults.
    • Remediation: If this is unexpected, see security defaults that applied to this request in the Azure Portal.

    Basically Microsoft Azure Security Default is a Security Baseline solution designed for free users. This feature blocks any clients/applications which use legacy protocols. This is a tenant wide feature and if user does not intends to receive MFA prompts or get blocked on apps/clients which use legacy protocol then they would need to reach out the tenant admin and disable the feature. More information on Security Defaults can be found here: https://learn.microsoft.com/en-us/entra/fundamentals/security-defaults.

    I hope the information provided above helps you resolve the issue. Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments