Formerly, our Web app used Integrated Windows Authentication (IWA). It worked fine when accessed internally within our corporate network or externally via the Azure Entra Proxy Service.
Recently, we set up Azure AD authentication with our app. Now, it still works fine when accessed internally, but when trying to access our app externally (via Entra Proxy Service) we get the following message:
Forbidden: This corporate app can't be accessed. You are not authorized to access this application. Next Steps: Authorization failed. Make sure the user has permission to the internal application
Note: For "Pre Authentication" it is using Microsoft Entra ID. The Entra configuration, domain names, certificates, and server have not been altered.
Has anyone dealt with this issue before? Any suggestions would be appreciated. Thanks!
We found the issue - we just had to disable single sign-on; it was still trying to authenticate to the app using the old method and that was causing the error.