AADSTS530004 - AcceptCompliantDevice Missing

AADSTS530004 – Device Compliance Setting Missing

If you’ve received error AADSTS530004: AcceptCompliantDevice setting isn't configured for this organization, it means the tenant has a conditional access policy that only allows compliant devices — and the service provider account is not treated as compliant.

Cause:  This typically occurs when Conditional Access policies require compliant devices, but the Sync 365 account is not covered by an exclusion.

How to Identify the Policy

  • Login to the customer's Azure portal
  • Open Microsoft Entra ID (Azure AD)
  • Go to Users → Sign-in logs
  • Find the sign-in attempt by"<Your company name> Technician"
  • Click into the failed sign-in to see the Conditional Access policy blocking access

Resolution

To resolve this issue, you can exclude the service provider account from the Conditional Access policy. See full guidance here: Conditional Access Policies

  • Edit the Conditional Access policy
  • In the Users  section, click Exclude → select "Service provider users"
    • All:  excludes all service providers with tenant relationships
    • Select:  allows you to specify specific tenant IDs — be sure to enter your tenant ID
  • Save the policy and retry the connection in Sync 365

    • Related Articles

    • AADSTS135011 – Device Used During Authentication Is Disabled

      Error: AADSTS135011 – The device used during authentication is disabled This error occurs when the device associated with your delegated admin account in Entra ID (Azure AD) has been disabled or deleted. Cause: Microsoft links authentication tokens ...

    • AADSTS700003 – Device Object Not Found in Tenant

      Error: AADSTS700003 – Device object was not found in the tenant This error occurs when the device originally used for delegated admin access has been deleted from your directory. Cause: If the Azure AD device associated with your delegated admin ...

    • Master Index Page for Troubleshooting Microsoft 365 Errors

      Troubleshooting Microsoft 365 Errors If you've received an error in Sync 365 related to authentication, consent, token refresh, or license sync, use the links below to find the exact resolution. Authentication& MFA Errors AADSTS50078 – MFA expired ...

    • Billing Profile Error – Invalid or Missing Product

      Error: Billing Profile has invalid product / Error updating price of product This error is related to mismatches between products in your PSA tool and your Sync 365 billing profile. Cause: A product referenced in your billing profile no longer exists ...

    • AADSTS700082 – Refresh Token Expired Due to Inactivity

      Error: AADSTS700082 – The refresh token has expired due to inactivity This typically occurs when the customer tenant has an MFA setting that allows "remember MFA for X days", which breaks token refresh after extended inactivity. Cause: The “remember ...