Forum Discussion

jeremympope's avatar
jeremympope
Copper Contributor
Dec 12, 2023

Error 500 logging into ADO or Private Nuget feed

I have a long standing user who in the middle of last week lost his ability to login got ADO or connect to our private feeds getting an 500 Internal Server Error. The situation is complicated slightly in that we share an ADO Subscription amongst multiple tenants so this use is added as an ExternalAzureAD Guest.


I dropped and recreated the user both in ADO and his guest account in the ADO joined tenant, waited half an hour and then re-added the user with to ADO, but still the same error. I have done the same with a scratch user and all this works without issue.

 

When the user goes direct to the private feed and logs in, they get the error:
{"$id":"1","innerException":null,"message":"TF400813: The user '66faf51b-bf86-6913-bd44-d1b38246c0ea' is not authorized to access this resource.","typeName":"Microsoft.TeamFoundation.Framework.Server.UnauthorizedRequestException, Microsoft.TeamFoundation.Framework.Server","typeKey":"UnauthorizedRequestException","errorCode":0,"eventId":3000}

When they try to login to ADO, the get the attached error:

We tried this on a different machine and got the same behaviour, so it seems account related.

 

How can I resolve this?

azure devops

1 Reply

  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    Apr 13, 2025

    Try to fix by the following:

     

    1. Verify Guest Account Permissions
    • Ensure the guest account has the correct permissions in the ADO organization. Check the user's role and access level in the ADO subscription. They should have at least "Basic" access or the appropriate role for accessing private feeds.
    1. Check Azure AD Configuration
    • Confirm that the guest account is properly configured in Azure AD. Sometimes, issues arise if the guest account is not fully synchronized or lacks necessary permissions in the Azure AD tenant.
    1. Private Feed Access
    • For the private NuGet feed, ensure the guest account has been granted access to the feed.
    1. Authentication Methods
    • The error TF400813 indicates an authorization issue. Ensure the guest account is using the correct authentication method (e.g., Personal Access Token (PAT) or OAuth). 
    1. Clear Cache and Retry
    • Ask the user to clear their browser cache and cookies, as cached data can sometimes cause login issues.
    • If using a different machine still results in the same error, it confirms the issue is account-related rather than device-specific.
    1. Activity Logs
    • Check the activity logs in Azure AD and ADO to identify any failed authentication attempts or permission-related errors. This can provide more insight into the root cause.

Resources