We integrate with Azure AD as the only available login option in our solution. When a first-time user is redirected to the Appfram solution, we have implemented SSO with user creation in Appfram. This process generally works fine. However, two users have experienced landing on an “Access Denied” page in Appfram the first time they try to log in. This issue resolves itself when they try again, and they do not encounter the same problem on subsequent logins once the user is created.
It appears that there might be a delay in the system within Appfram and/or Azure AD when a first-time user logs in and the Appfram user is created. Is there a way to resolve this so that users don’t receive the “Access Denied” error on their first login attempt?
Hi, I am struggling to recreate the issue.
Could you please DM a screenshot of the Custom Auth Config? Make sure to censor any keys 
// Erik
Hi Sigurd,
Thank you for your message.
We haven’t been able to reproduce the issue ourselves, but two users have reported the same problem.
Attached is the login configuration.
-Sigurd
Old topic, but it’s all I could find and we just had the same issue.
An Entra ID-authenticated user logged in for the first time and was told they didn’t have access (“Adgang nektet”).
I’ve previously observed a user account with a value in the “Last Login” field, but no roles. Could the role assignment on first login/acct. creation be delayed in some cases?
Unable to reproduce it by deleting and my own account and then re-creating it by logging in with SSO unfortunately.
