This post was most recently updated on February 27th, 2022.
2 min read.This article explains the most typical reasons why you might get an error with an “AADSTS70005” code, and how to fix it. Spoiler alert – it usually just requires enabling Azure AD implicit grant flow for authentication! And let me show you – step by step – how to do that.
Reason
Another day, another Azure Active Directory error! So what exactly is this AADSTS70005 all about?
While either developing or just trying to use an application that authenticates against Azure AD, you might get an error message that contains the error code “AADSTS70005“. This means that you’re trying to use an implicit authentication flow, but it isn’t allowed for your app.
You might get an error, somewhat like this:
AADSTS70005: response_type 'token' is not supported for the application Trace ID: <Guid_1> Correlation ID: <Guid_2> Timestamp...
This is returned by your Azure AD instance, as it doesn’t allow the use of implicit OAuth2 authentication flow for the application id you’re using.
If you have access to the Azure AD you’re authentication against, it’s easy to fix! See more below…
Solution: Enable the Implicit Authentication Flow
Okay, luckily the fix is likely going to be easy. You can resolve the issue by enabling the implicit authentication flow for OAuth2. There’s actually no switch in GUI for this – you’ll have to edit the manifest of your registered Azure AD application yourself.
Follow these steps:
Time needed: 10 minutes
How to enable implicit flow for your Azure AD app?
- Find your app registration
First, navigate to your registered app in your Azure AD instance.
If you’re working with SharePoint Online (like I was), see this article on how to find the correct instance:
How to use the Azure AD associated with your SharePoint Online Tenant - Access the Manifest editor
Then open the Manifest editor from the “ribbon”. Refer to the example below:
- Enable implicit flow for OAuth2
Following that, you’ll need to edit the manifest to allow for implicit oauth2 authentication. See the highlighted row below:
- Save and re-try!
Then just hit “Save”, and try again.
It should work now! :) With any luck, you’re good to go.
The next error you’re probably going to get is AADSTS65001. This link explains how to fix that: 4 ways to fix the Azure Active Directory error AADSTS65001 (The user or administrator has not consented to use the application)
- How to fix PowerToys FancyZones in Windows 11? - September 24, 2024
- How to export the whole SSL (or TLS) certificate chain based on the original using PowerShell? - September 17, 2024
- How to solve keyboard shortcuts not working in Google Chrome on Windows? - September 10, 2024