How to fix - MsalClaimsChallengeException: AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.

SohamPrasad Girde (Wipro Designit Services, Inc.) 20 Reputation points Microsoft Vendor
2024-04-23T07:22:46.7333333+00:00

Working on azure web app and it was working fine , suddenly i am getting below error

MsalClaimsChallengeException: AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.

The same app is working fine with my other team - mates . Looking for help on support on this.

Thanks in Advance.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
687 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Domooney-MSFT 2,476 Reputation points Microsoft Employee
    2024-04-23T08:31:12.99+00:00

    Hi SohamPrasad Girde (Wipro Designit Services, Inc.),

    Thank you for posting your query on Microsoft Q&A!

    The account you are using for authentication for your web app is being blocked by Conditional Access in your Entra ID tenant.

    If you navigate to the Sign-in Logs - https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/SignIns

    And locate the sign-in which is failing. If you are using a user account it may be in "Non-interactive User sign-ins" or if you are using a service principal you can check the "Service principal" tab.

    Once you locate the failed sign-in you can click on it and then navigate to the "Conditional Access" tab. This will show the Conditional Access policy which is blocking your sign-in.

    You will then need to modify this policy to allow access.

    Let me know if you have any further queries, I would be happy to help.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    Kind Regards,

    Donal