Azure event codes

All codes for reference

Another good resource

Codes to look for:

| status.errorCode | Error code info |
| --- | --- |
| 1000000 | Expected error when the user attempts to connect a LinkedIn account to their AAD account |
| 502031 | User has not registered the authenticator app and registration is required |
| 500121 | Multiple failed multi-factor authentication (MFA) requests for a single user within an Azure AD tenant. This behavior can be a sign that an adversary is attempting to bypass MFA by repeatedly prompting the user for authentication. If confirmed malicious, this activity could lead to unauthorized access |
| 500113 | |
| 500011 | Developer error - the app requested access to a resource (application) that isn't installed in your tenant. If you expect the app to be installed, you may need to provide administrator permissions to add it. Check with the developers of the resource and application to understand what the right setup for your tenant is |
| 399218 | For security reasons, user confirmation is required to sign in to this tenant. |
| 90072 | PassThroughUserMfaError - The external account that the user signs in with doesn't exist on the tenant that they signed into, so the user can't satisfy the MFA requirements for the tenant. This might also occur if the users are synced but there is a mismatch in the ImmutableID (sourceAnchor) attribute between Active Directory and Microsoft Entra ID |
| 70044 | The session has expired or is invalid due to sign-in frequency checks by Conditional Access, on the application side |
| 65002 | The API owner before requesting tokens for that API. A developer in your tenant might be attempting to reuse an App ID. This error prevents them from impersonating a Microsoft application to call other APIs. They must move to another app ID they register |
| 65001 | MFA requirement skipped due to IP address, or the user or administrator has not consented to use the application with ID, or MFA completed in Azure AD -- the user or administrator has not consented to use the application with ID |
| 53003 | Access has been blocked by Conditional Access policies |
| 50203 | User has not registered the authenticator app and must register or snooze this notification. |
| 50158 | External security challenge not satisfied. User will be redirected to another page or authentication provider to satisfy additional authentication challenges. |
| 50155 | Device auth failed for a user; the device is disabled or pending in AAD. Disabled: disabling a device prevents it from authenticating via Azure AD. Pending: a pending device has been synchronized successfully using Azure AD connect form |
| 50140 | Error occurred when clicking "keep me signed in" after login |
| 50133 | Auto sign out from password expiration or recent password change |
| 50129 | The device is not workplace joined. Workplace join is required to register the device |
| 50126 | Invalid username or password |
| 50125 | Sign-in was interrupted because of password reset or password registration |
| 50105 | Signed-in user isn't assigned to a role for the app requested |
| 50089 | (Auto Log Out) Expected - auth codes, refresh tokens, and sessions expire over time or are revoked by the user or an admin. The app will request a new login from the user. |
| 50088 | Limit on telecom MFA calls reached. Please try again in a few minutes. |
| 50079 | User strong auth enrollment required. Due to a configuration change made by the admin, such as a Conditional Access policy or per-user enforcement, the user is required to use multi-factor authentication |
| 50076 | (Failed MFA) A user must use MFA to access this resource |
| 50074 | User did not pass the MFA challenge |
| 50072 | The user was presented with options to provide contact options so that they can do MFA. You must enroll in multi-factor authentication to access |
| 50057 | The user account is disabled. |
| 50053 | IdsLocked - The account is locked because the user tried to sign in too many times with an incorrect user ID or password. The user is blocked due to repeated sign-in attempts, or sign-in was blocked because it came from an IP address with malicious activity. |
| 16003 | The user account does not exist in the directory or the user hasn't been explicitly added to the tenant. To sign into this application, the account must be added to the directory. This can be the case when someone is sent to a login URL for your tenant without being a member, or picks the wrong user account. |
