Admin Centre on Gateway server, 403 error when trying to connect to Azure

Hi Simon_Hargraves 

The issue you're facing with a 403 error when trying to connect your Admin Centre on a Gateway server to Azure indicates that the server understands your request but refuses to authorize it.

Try this:

1. Ensure that the Azure AD application used by your WAC has the necessary permissions to access the resources it's trying to manage. See here Azure Active Directory > App registrations > Your App > API permissions.

2. Since you mentioned that the certificate is installed on the client machine connecting to the server, ensure that the certificate is also trusted by the server where WAC is installed. Additionally, verify that the certificate matches the domain you are trying to connect to and that it has not expired.

3. Ensure that any network devices or firewalls between your Gateway server and Azure do not block the necessary ports or URLs required for Azure connectivity.

4. Verify if the service principal associated with your WAC on the Gateway server has been assigned the correct roles within Azure. It might require Contributor, Reader, or custom roles depending on the operations it needs to perform.

5. If your organization uses Conditional Access Policies, check if any policies might be blocking or restricting access from your Gateway server to Azure services. 

Let me know what you find!