AADSTS50131: Device is not in required device state: known. Or, the request was blocked due to suspicious activity, access policy, or security policy decisions with WDATP

If you’re trying to use the Windows Defender Advanced Threat Protection through the API or through PowerBI and get an AADSTS50131 error, you’ll probably check your sign in logs to see if you’re being blocked by conditional access. If there’s nothing there, as I had the joy of discovering (tsk Microsoft, you really should log this) then check your classic policies and disable if present (old anyway):

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

2 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Huw Lynch
Huw Lynch
11 months ago

Hi – just discovered the same problem. Are you sure this policy can simply be deleted? It was obviously put there for a reason and was requiring “Known” devices (whatever that means). If it’s important then I’d prefer to replace it with an equivalent modern policy.