function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Carolina Ruiz MedinaCarolina Ruiz Medina 

Auth Provier: AuthorizationError?ErrorCode=NO_ACCESS&ErrorDescription=User+was+a+portal+user

I would like to ask you about Auth Provider:

I have a Registration Handler in a DE org linked to my Auth provider, it is working correctly and allowing the external users to register.

Now I decided to pass it to my sandbox, I created a new Auth provider, with the new reg handler. The code is the same.

The url is something like:

(in the dev org was something like

Checking if there is a user for the email and if not create a new one with Community User profile ( High Volume Customer Portal - the org has licenses for it) .

-If there is no user that match the email a new one is created.

-If there is that is returned.

IN both cases the registration is not working in the Sandbox

However if I go to my DE org where I have the same structure created ( Auth provider + reg handler) it is working.

Code , Profiles , licenses are the same.

Here it is a example of the code ( when I say sample is because I reduce it to the simple case , no validations or checks are on it at the moment)
global class RegHandler implements Auth.RegistrationHandler{

global boolean canCreateUser(Auth.UserData data) {
    return false;

global User createUser(Id portalId, Auth.UserData data){

    String profileName = 'Community User';

    List<Profile> profiles = [SELECT Id, Name, UserType FROM Profile WHERE Name = :profileName];

    Profile profile = profiles.isEmpty() ? null : profiles[0];

        throw new RegHandlerException('Could not find the profile');

    List<User> users = [SELECT Id,Email,Username,FirstName,LastName,Alias,CommunityNickname,ProfileId,
        ContactId,LocaleSidKey,LanguageLocaleKey,TimeZoneSidKey,EmailEncodingKey FROM User WHERE  Email = :data.Email and IsActive=true]; // Standard: to exclude Guest user (etc?)Profile.UserType = 'CspLitePortal' and Name='Carolina Ruiz Medina'];// 
    User user = users.isEmpty() ? null : users[0];

        List<String> emailComponents ='@');
        String nickname = data.attributeMap.get('display_name');
        Contact ct = new Contact(
            LastName = data.LastName,
            AccountId =  '00119000002uozp');
        upsert ct;

        user = new User(
            Email =,
            Username = emailComponents[0] + '',
            Alias = emailComponents[0].left(8),
            CommunityNickname = nickname,
            ProfileId = profile.Id,
            FirstName = data.firstName,
            LastName = data.lastName,
            LocaleSidKey = data.locale,
            LanguageLocaleKey = data.attributeMap.get('language'),
            TimeZoneSidKey = 'Europe/London',
            EmailEncodingKey  = 'ISO-8859-1',
            contactId = ct.Id


    return user;

global void updateUser(Id userId, Id portalId, Auth.UserData data){
    User u = new User(id=userId); =;
    u.lastName = data.lastName;
    u.firstName = data.firstName;

class RegHandlerException extends Exception {}

I know that the orgs that will connect with the sandbox will be also in server. ( like before the orgs connecting to my DE org where the Auth provider is working were DE orgs too)

Then in summary when I try to registre/log using auth provider URL is alwayws giving me the error:AuthorizationError?ErrorCode=NO_ACCESS&ErrorDescription=User+was+a+portal+user

Any help would be much appreciated. 

( The question is also here: 
Carolina Ruiz MedinaCarolina Ruiz Medina
Note: the Ids are hardcoded only for testing purposes :) 
gaurav saxena 3gaurav saxena 3
Did any one found the solution for this issue. I am setting the same error. I am using first org community as a identity provider and second org community as service provider.