Zero Trust Azure AD Authentication for Group not working

Hello, I’m In a Test-Phase to decide If we use Zero Trust or not.
I’ve already setup the following:

  • AzureAD Authentication
  • Azure AD SCIM
  • Installed a tunnel in our Office Network
  • Set-up Split Tunnel

Now I created a Private Net Application with 2 Basic BlockAll and Allow.
Allow is the first in Priority, block the second

If i use the Azure AD Group IT-Admins like here, it works.

If I change it to my “AllowStudiostation” AzureAD Group it stops working and i cant access it. In the log it shows the BlockAll rule got applied for my request now instead of the Allow rule.

When I go to Settings → Authentication → AzureAD → Test I can confirm that my User is in Both Groups. I deleted some data from the JSON here.

{
  "name": "",
  "email": "",
  "amr": [
    "rsa",
    "mfa"
  ],
  "groups": [
    {
      "id": "",
      "name": "IT-Admins"
    },
    {
      "id": "",
      "name": "HOS-EndpointSettings"
    },
    {
      "id": "",
      "name": "IT"
    },
    {
      "id": "",
      "name": "Admins"
    },
    {
      "id": "",
      "name": "IT Admin Backlog"
    },
    {
      "id": "",
      "name": "IT-Team"
    },
    {
      "id": "",
      "name": "AllowStudiostation"
    },
    {
      "id": "",
      "name": "alle"
    },
    {
      "id": "",
      "name": "AllowVPN"
    }
  ]
}

Does anyone has the same problem? Thanks!

ne vous inquete pas j ai le meme probleme pour azure ainsi pour google