SSO issue (403 error related to expired MFA)
Last week I enabled SSO for my 1Password users, and today one of the users is reporting issues with accessing their account. The error is as follows:
ServerError: 403 (forbidden: invalid_grant: AADSTS50078: Presented multifactor authentication has expired due to policies configured by your administrator, you must refresh your multi-factor authentication to access 'DATA DELETED'. Trace ID: DATA DELETED Correlation ID: DATA DELETED Timestamp: 2023-07-19 08:41:22Z)
This doesn't seem to be occurrng for other users right now but the user is unable to sign in. I have tried recovering their account so at least they have some access but get the following error:
ServerError: 400 (registration_bad_request: getIdentity failed to ExchangeCode: forbidden: invalid_grant: AADSTS50078: Presented multi-factor authentication has expired due to policies configured by your administrator, you must refresh your multi-factor authentication to access 'DATA DELETED'. Trace ID: DATA DELETED Correlation ID: DATA DELETED Timestamp: 2023-07-17 08:44:33Z
This seems similar to the error mentioned in thread https://1password.community/discussion/comment/687880 but the error is different so I wanted to reach out for any ideas on how I can this person to have access to their vault again.
Many thanks for any ideas you may have.
I have raised support ticket 155616 for this issue
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Windows 10
Browser: Chrome, Edge
Comments
-
Hello @jbourne6321,
Thanks for writing in about the 403 error your team member is seeing while signing into 1Password. I see you've also sent in a support ticket, so I've asked our integrations specialists to review it and reply directly to your email. To avoid any duplication of work, and help keep all of your troubleshooting in one place, I'll close out this community thread. Please reply to your support ticket if you have any questions.
Thank you,
0
