azuread.md

AzureAD Event ID List for SignInLogs

53003	Access has been blocked due to conditional access policies.	
65001	Application X doesn't have permission to access application Y or the permission has been revoked. Or The user or administrator has not consented to use the application with ID X. Send an interactive authorization request for this user and resource. Or The user or administrator has not consented to use the application with ID X. Send an authorization request to your tenant admin to act on behalf of the App : Y for Resource : Z.	
50155	Device authentication failed for this user.	
50097	Device Authentication Required - DeviceId -DeviceAltSecId claims are null OR no device corresponding to the device identifier exists.	
50129	Device is not Workplace joined - Workplace join is required to register the device.	
50158	External security challenge was not satisfied.	
50089	Flow token expired - Authentication Failed. Have user try signing-in again with username -password.	
50173	Fresh auth token is needed. Have the user re-sign using fresh credentials.	
50055	Invalid password, entered expired password.	
50126	Invalid username or password or Invalid on-premise username or password.	
500121	Authentication failed during strong authentication request.	
50088	Limit on telecom MFA calls reached. Please try again in a few minutes.
16000	Either multiple user identities are available for the current request or selected account is not supported for the scenario.	
530003	Your device is required to be managed to access this resource	
160011	Selected user account was invalid.
90072	User account '{user}' from identity provider '{idp}' does not exist in tenant '{tenant}' and cannot access the application '{application}'({appName}) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account
530021	Application does not meet the conditional access approved app requirements.	
501314	Silent interrupt required to recognize browser capabilities. Used to differentiate between Safari running in iPadOS or Mac.
50014	The user's redemption is in a pending state. The guest user account is not fully created yet.
500581	Rendering JavaScript. Fetching sessions for single-sign-on on V2 with prompt=none requires javascript to verify if any MSA accounts are signed in.
90095	Actual message content is runtime specific. Please see returned exception message for details.
530002	Your device is required to be compliant to access this resource.
16003	The user account does not exist in the directory or the user hasn't been explicitly added to the tenant. To sign into this application, the account must be added to the directory.	
500881	Limit on telecom MFA calls reached. Please retry with PhoneAppNotification or try again in a few minutes.	
9002325	Proof Key for Code Exchange is required for cross-origin authorization code redemption.
50199	For security reasons, user confirmation is required for this request. Please repeat the request allowing user interaction.
135011	Device used during the authentication is disabled.
7000112	Application '{appIdentifier}'({appName}) is disabled.
530001	Browser not supported.	
140000	Request nonce is expired. Current time: {curTime}, expiry time of assertion {expTime}.	
530033	Remote device flow blocked due to device based conditional access.	
50201	This message prompt interrupt will be shown to the user during login when additional information should be provided to user.
50087	A transient error has occurred during strong authentication. Please try again.
530032	User blocked due to risk on home tenant.	
50008	SAML assertion is missing or misconfigured in the token. Contact your federation provider.	
50133	Session is invalid due to expiration or recent password change.	
50058	The application tried to perform a silent sign in and the user could not be silently signed in. The application needs to start an interactive flow giving users an option to sign in. Contact app owner.	
50011	The reply address is missing, misconfigured, or does not match reply addresses configured for the application. Try out the resolution listed at https://docs.microsoft.com/azure/active-directory/application-sign-in-problem-federated-sso-gallery#the-reply-address-does-not-match-the-reply-addresses-configured-for-the-application. If you still see issues, contact the application owner or app admin.	
70044	The session has expired or is invalid due to sign-in frequency checks by conditional access.	
50105	The signed in user is not assigned to a role for the signed in application. Assign the user to the application. For more information: https://docs.microsoft.com/en-us/azure/active-directory/application-sign-in-problem-federated-sso-gallery#user-not-assigned-a-role.	
50140	This error occurred due to 'Keep me signed in' interrupt when the user was signing-in.	
90014	Used in various cases when an expected field is not present in the credential.	
50057	User account is disabled. The account has been disabled by an administrator.	
50076	User did not pass the MFA challenge (non interactive).	
50074	User did not pass the MFA challenge.	
50059	User does not exist in directory. Contact your tenant admin.	
50020	User is unauthorized - unable to issue tokens because of version issue - issuer name is not specified - problems with issuer name (null -max length). Contact the app owner.	
50079	User needs to enroll for second factor authentication.	
50072	User needs to enroll for second factor authentication (interactive).
50053	Sign-in was blocked because it came from an IP address with malicious activity