Azure SSO - You don't have access to this

Spaar, David Mitchell 1 Reputation point

I've created an app registration and am using it to provide authentication for a Django-based application run in our organization. This process is working great for the majority of our users. However, one users is being prevented from accessing the application because he receives a message at the level of Azure SSO sign on stating "your sign-in was successful but you don't have permission to access this resource". I've gone to the length of explicitly granting him default access via the Azure dashboard but he still gets rejected by the Azure process. How can I get this fixed for this users? Is there some way he can grant permission for the application to view his credentials? I had to do that when I first instantiated this process, but if someone were to reject that permission request, would this situation be the result?

Any help that can be provided on this issue would be greatly appreciated.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,107 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Marilee Turscak-MSFT 35,616 Reputation points Microsoft Employee

    Hi @Spaar, David Mitchell ,

    Here are some possibilities:

    1) The user may have tried to login using an email address instead of his username. In this case he will need to click "Sign out and sign in with a different account", sign in with the username in the correct format, and complete any necessary password and MFA steps.
    2) Saved activities in your web browser could cause this error. He can resolve this by logging in using a fresh browser or incognito window.
    3) There may be an internal policy that is blocking that user. If that is the case you can create a new personal login ID to resolve the issue.
    4) The user may be missing a license that the other users have. You can check for this and make sure the necessary licenses are assigned.
    5) The user may have recently changed a password and is having a keychain-related issue .In this case you can try removing all Microsoft/Office items from the user's keychain or creating a new keychain.
    6. If by chance he is using a student/educational subscription, he needs to sign in with his organization's email address and use his student account.

    Let me know if any of these steps help.

    0 comments No comments

  2. Ahmadi Jozdani, S. (Sajad) 0 Reputation points

    I got the same error: Error Code: 53003 Request Id: 2e01fafd-ca7d-4c7b-8987-a33f0c3e1900 Correlation Id: 45166896-1d73-4daa-8636-d9c45a356e30 Timestamp: 2024-01-19T11:48:43.467Z App name: Azure Portal App id: c44b4083-3bb0-49c1-b47d-974e53cbdf3c IP address: Device identifier: Not available Device platform: macOS Device state: Unregistered

    0 comments No comments