Getting GrantRequired error when user has a grant

Created a new OIDC app to mirror the config of another app which works without issue. With the new app, all but one user are getting

Login not possible. The user is required to have at least one grant on the application. Please contact your administrator. (Internal)

Login not possible. The user is required to have at least one grant on the application. Please contact your administrator. (Internal)

Login not possible. The user is required to have at least one grant on the application. Please contact your administrator. (Internal)

Login not possible. The user is required to have at least one grant on the application. Please contact your administrator. (Internal)

The users all have identical grants (they're created via terraform using a loop, so I'm sure they're identical).

Additionally if I disable

Check authorization on Authentication

Check authorization on Authentication

Check authorization on Authentication

Check authorization on Authentication and

Check for Project on Authentication

Check for Project on Authentication

Check for Project on Authentication

Check for Project on Authentication The users still get the same error message.

Any ideas?