Azure event codes
All codes for reference
Another good resource
Codes to look for:
1000000
Expected error when the user attempts to connect a LinkedIn account to their AAD accoun
502031
User has not registered the authenticator app and registration is required
500121
multiple failed multi-factor authentication (MFA) requests for a single user within an Azure AD tenant. This behavior can be a sign that an adversary is attempting to bypass MFA by repeatedly prompting the user for authentication. If confirmed malicious, this activity could lead to unauthorized access
500113
500011
Developer error - the app requested access to a resource (application) that isn't installed in your tenant. If you expect the app to be installed, you may need to provide administrator permissions to add it. Check with the developers of the resource and application to understand what the right setup for your tenant is
399218
For security reasons, user confirmation is required to sign in to this tenant.
90072
PassThroughUserMfaError - The external account that the user signs in with doesn't exist on the tenant that they signed into; so the user can't satisfy the MFA requirements for the tenant, also might occur if the users are synced, but there is a mismatch in the ImmutableID (sourceAnchor) attribute between Active Directory and Microsoft Entra ID
70044
The session has expired or is invalid due to sign-in frequency checks by conditional access, on the side of application
65002
The API owner before requesting tokens for that API. A developer in your tenant might be attempting to reuse an App ID. This error prevents them from impersonating a Microsoft application to call other APIs. They must move to another app ID they register
65001
MFA requirement skipped due to IP address or The user or administrator has not consented to use the application with ID or MFA completed in Azure AD -- The user or administrator has not consented to use the application with ID
53003
Access has been blocked by Conditional Access policies
50203
User has not registered the authenticator app and must register or snooze this notification.
50158
External security challenge not satisfied. User will be redirected to another page or authentication provider to satisfy additional authentication challenges.
50155
Device auth failed for a user, device is disabled or pending on AAD. Disabling : Disabling a device prevents it from authenticating via Azure AD Pending : Pending devices indicates that the device has been synchronized successfully using Azure AD connect form
50140
Error occurred when clicking "keep me signed in" after login
50133
Auto sign out from password expiration or recent password change
50129
The device is not workplace joined. Workplace join is required to register the device
50126
Invalid Username or password
50125
Sign in was interrupted because of password reset or password registration
50105
Signed in user isn't assigned to a role for the app requested
50089
(Auto Log Out) Expected - auth codes, refresh tokens, and sessions expire over time or are revoked by the user or an admin. The app will request a new login from the user.
50088
Limit on telecom MFA calls reached. Please try again in a few minutes.
50079
User Strong Auth Enrollment Required, Due to a configuration change made by the admin such as a Conditional Access policy, per-user enforcement. the user is required to use multi-factor authentication
50076
(Failed MFA) A user must use MFA to Access this resource
50074
User Did not pass the MFA challenge
50072
The user was presented options to provide contact options so that they can do MFA, you must enroll in multi-factor authentication to access
50057
The user account is disabled.
50053
IdsLocked - The account is locked because the user tried to sign in too many times with an incorrect user ID or password. The user is blocked due to repeated sign-in attempts, Or, sign-in was blocked because it came from an IP address with malicious activity.
16003
The user account does not exist in the directory or the user hasn't been explicitly added to the tenant. To sign into this application, the account must be added to the directory. This can be the case when someone is sent to a login URL for your tenant without being a member, or picks the wrong user account.
Last updated