When you try to Configure sign-on from Azure portal but it fails with an error " The user you specified is not authorized to perform this action" .
Below is an example of the menu when configuring in Azure:
From the instance System Log >ALL
we see the below message:
java.sql.BatchUpdateException: Duplicate entry 'http s://sts.windows.net/<id>/' for key 'idp'
: java.sql.SQLException: java.sql.BatchUpdateException: Duplicate entry 'http s://sts.windows.net/<id>/ for key 'idp'
This indicate there is already an Identity Provider URL entity ID with the same name in the Identity Provider record of the Instance.
To resolve the problem, from the logs, identify the duplicate Identity Provider. Then find and delete the duplicate record from the Instance Identity Provider record and try again to add it on the Azure console.