I had issues in my lab environment that i could not access the settings for defender for Microsoft 365 Connector. I was just asked to login again. With error AADSTS50131.
I looked for risky users in the Identity Protection portal. And the account was listed with a medium risk. I looked and all policies was disabled under risky users and I also looked in conditional access policy but no risk policies was enabled for this account. I than continued to Azure AD and looked at the sign-in logs for the account. I could see a failure but with no policy applied.
- No conditonal access policy was applied
- Sign-in error
We can also see that the service is WindowsDefenderATP the good old name=). Since it’s an old name I did go for the legacy policies instead. And there it was. Activated and applied. I turned of the policy and after that I was able to access the Microsoft 365 Defender Connector in Sentinel again.
Hope this can help if you get in the same trouble as I did.
Microsoft 365 Tech blog 