Symptom
Customer is reporting an issue with users not being able to access a BTP application despite being assigned the application's role in the Azure AD group.
- The error message "User not authorized, source of route: /^\\/app\\/(.*)$/, IP: ******, required scopes: relatives-PROD!t54803.Relatives, user scopes: openid,uaa.user" was noted in the application logs.
- The issue persists even when the user is directly assigned to the role relatives-PROD!t54803.
- The issue impacts the ability of some end users to open cloud applications.
Read more...
Environment
- Business Technology Platform
- Azure AD
- Cloud Foundry
Keywords
BTP, roles, User not authorized, required scopes: relatives, Azure AD, groups , KBA , BC-CP-CF-SEC-IAM , UAA, Authentication, Authorization, Trust Mgmnt , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.