How to fix - MsalClaimsChallengeException: AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.

SohamPrasad Girde (Wipro Designit Services, Inc.) 40 Reputation points Microsoft External Staff
2024-04-23T07:22:46.7333333+00:00

Working on azure web app and it was working fine , suddenly i am getting below error

MsalClaimsChallengeException: AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.

The same app is working fine with my other team - mates . Looking for help on support on this.

Thanks in Advance.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
945 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Domooney-MSFT 2,606 Reputation points Microsoft Employee Moderator
    2024-04-23T08:31:12.99+00:00

    Hi SohamPrasad Girde (Wipro Designit Services, Inc.),

    Thank you for posting your query on Microsoft Q&A!

    The account you are using for authentication for your web app is being blocked by Conditional Access in your Entra ID tenant.

    If you navigate to the Sign-in Logs - https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/SignIns

    And locate the sign-in which is failing. If you are using a user account it may be in "Non-interactive User sign-ins" or if you are using a service principal you can check the "Service principal" tab.

    Once you locate the failed sign-in you can click on it and then navigate to the "Conditional Access" tab. This will show the Conditional Access policy which is blocking your sign-in.

    You will then need to modify this policy to allow access.

    Let me know if you have any further queries, I would be happy to help.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    Kind Regards,

    Donal


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.