3514997 - 'User not authorized, source of route : /^^\\/app\\/(.*)$/, IP: ******, required scopes: relatives-PROD!t54803.Relatives

Customer is reporting an issue with users not being able to access a BTP application despite being assigned the application's role in the Azure AD group.

• The error message "User not authorized, source of route: /^\\/app\\/(.*)$/, IP: ******, required scopes: relatives-PROD!t54803.Relatives, user scopes: openid,uaa.user" was noted in the application logs.
• The issue persists even when the user is directly assigned to the role relatives-PROD!t54803.
• The issue impacts the ability of some end users to open cloud applications.

• Business Technology Platform
• Azure AD
• Cloud Foundry

BTP, roles, User not authorized, required scopes: relatives, Azure AD, groups , KBA , BC-CP-CF-SEC-IAM , UAA, Authentication, Authorization, Trust Mgmnt , Problem