Policy Evaluation Error on Enterprise OIDC Connection

Problem statement

The following error is received:

access_denied error: “Policy evaluation failed for this request, please check the policy configurations.”


If Okta is the IdP the connection is pointed at, this error indicates the access policy for the client does not allow the scopes requested.


If the IdP targeted by the connection is Okta, this error indicates that the access policy configuration for the client does not allow the scopes the connection is requesting.

Either the access policy needs to be updated by the IdP’s admins, or the OIDC connection’s scopes must align with the access policy.

Related References