<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00009YsJNtCANOkta Classic EngineAuthenticationAnswered2023-08-18T05:36:51.000Z2023-08-15T02:47:40.000Z2023-08-18T05:36:51.000Z

YawaraY.09418 (Customer) asked a question.

August 15, 2023 at 2:47 AM
User accounts have been locked out due to the rich client authentication error occurred on Microsoft 365 SSO app.

Hi

Some users of our company environment are facing the account lock due to the failure of authentication into Microsoft 365.

All errors occuring are the rich client authentication error.​

But nothing of knowledges published in Okta community as follows does not apply in our case.

https://support.okta.com/help/s/article/Authentication-of-a-user-via-Rich-Client-failure-with-error-Multiple-users-found?language=en_US

According the following case, Brute force attack can be suspected but our security team has not detected any suspicious activities.

https://support.okta.com/help/s/question/0D54z00008p55K9CAI/authentication-of-a-user-via-rich-client-failure?language=en_US

Anyone facing the similar troubles?

  • 2 answers
  • 1.73K views

  • DonF.81354 (Customer)

    Hi! I too have ran into this issue many times, and have found this article to be most helpful:

     

    https://support.okta.com/help/s/article/Users-getting-locked-out-with-multiple-failed-login-attempts-via-a-Rich-Client?language=en_US

     

    Ultimately what may be happening is that the Microsoft/Outlook credentials are repeatedly trying to authenticate to Okta and thus can lock the user out. Please inquire as to all the devices that could be the culprit here, including their own personal devices as well. Clearing out the credentials are only effective when it is cleared on all the devices, often of which, leading to the one device being left out (and unknown) as the one being the problem.

     

    I hope that helps! Please let me know if you have any further questions or concerns. Thanks!

    Expand Post
    Selected as Best

  • DonF.81354 (Customer)

    Hi! I too have ran into this issue many times, and have found this article to be most helpful:

     

    https://support.okta.com/help/s/article/Users-getting-locked-out-with-multiple-failed-login-attempts-via-a-Rich-Client?language=en_US

     

    Ultimately what may be happening is that the Microsoft/Outlook credentials are repeatedly trying to authenticate to Okta and thus can lock the user out. Please inquire as to all the devices that could be the culprit here, including their own personal devices as well. Clearing out the credentials are only effective when it is cleared on all the devices, often of which, leading to the one device being left out (and unknown) as the one being the problem.

     

    I hope that helps! Please let me know if you have any further questions or concerns. Thanks!

    Expand Post
    Selected as Best

  • YawaraY.09418 (Customer)

    Hi !

     

    Thank you for sharing the link !

    But unfortunately all users did't ​have the credential information in Credential Manager...

     

This question is closed.
Loading
User accounts have been locked out due to the rich client authentication error occurred on Microsoft 365 SSO app.