Azure Active Directory (Azure AD)

Fixing an “AADSTS70005” issue by enabling the implicit authentication flow for your Azure AD app

This post was most recently updated on February 27th, 2022.


This article explains the most typical reasons why you might get an error with an “AADSTS70005” code, and how to fix it. Spoiler alert – it usually just requires enabling Azure AD implicit grant flow for authentication! And let me show you – step by step – how to do that.

Reason

Another day, another Azure Active Directory error! So what exactly is this AADSTS70005 all about?

While either developing or just trying to use an application that authenticates against Azure AD, you might get an error message that contains the error code “AADSTS70005”. This means that you’re trying to use an implicit authentication flow, but it isn’t allowed for your app.

You might get an error, somewhat like this:

AADSTS70005: response_type 'token' is not supported for the application Trace ID: <Guid_1> Correlation ID: <Guid_2> Timestamp...

This is returned by your Azure AD instance, as it doesn’t allow the use of the implicit OAuth2 authentication flow for the application ID you’re using.

If you have access to the Azure AD you’re authenticating against, it’s easy to fix! See more below…

Solution: Enable the Implicit Authentication Flow

Okay, luckily the fix is likely going to be easy. You can resolve the issue by enabling the implicit authentication flow for OAuth2. There’s actually no switch in the GUI for this – you’ll have to edit the manifest of your registered Azure AD application yourself.

Follow these steps:

Time needed: 10 minutes

How to enable implicit flow for your Azure AD app?

  1. Find your app registration

    First, navigate to your registered app in your Azure AD instance.

    If you’re working with SharePoint Online (like I was), see this article on how to find the correct instance:
    How to use the Azure AD associated with your SharePoint Online Tenant

  2. Access the Manifest editor

    Then open the Manifest editor from the “ribbon”. Refer to the example below:
    (Screenshot: Manifest Editor on Azure AD)

  3. Enable implicit flow for OAuth2

    Following that, you’ll need to edit the manifest to allow for implicit OAuth2 authentication. See the highlighted row below:
    (Screenshot: Editing manifest of an Azure AD application to allow implicit authentication flow)

  4. Save and re-try!

    Then just hit “Save”, and try again.

It should work now! :) With any luck, you’re good to go.
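To make the manifest edit from the steps above concrete, here is an added example (not code from the original post) that reads a sign-in request and an app manifest and reports which implicit-flow flags the request relies on but the manifest leaves off, then sets only those. It assumes the manifest properties `oauth2AllowImplicitFlow` and `oauth2AllowIdTokenImplicitFlow`, and goes slightly beyond the post's `token` case by also handling `id_token`; the manifest, IDs and URLs are constructed placeholders.

```python
import json
from urllib.parse import parse_qs, urlsplit

# Assumed mapping from OAuth2 response_type values to the app-manifest
# properties that permit them (the post's screenshot is not available).
FLAG_FOR_RESPONSE_TYPE = {
    "token": "oauth2AllowImplicitFlow",
    "id_token": "oauth2AllowIdTokenImplicitFlow",
}

def missing_implicit_flags(manifest_json, authorize_url):
    """Return the manifest flags this request relies on that are not set to true."""
    manifest = json.loads(manifest_json)
    query = parse_qs(urlsplit(authorize_url).query)
    # response_type is a space-delimited list, e.g. "id_token token".
    requested = query.get("response_type", [""])[0].split()
    missing = []
    for response_type in requested:
        flag = FLAG_FOR_RESPONSE_TYPE.get(response_type)  # "code" maps to no flag
        if flag and manifest.get(flag) is not True and flag not in missing:
            missing.append(flag)
    return missing

def patch_manifest(manifest_json, flags):
    """Return manifest JSON with only the listed flags set to true."""
    manifest = json.loads(manifest_json)
    for flag in flags:
        manifest[flag] = True
    return json.dumps(manifest, indent=2)

# Constructed sample manifest and request (placeholder IDs and URLs).
SAMPLE_MANIFEST = json.dumps({
    "appId": "00000000-0000-0000-0000-000000000000",
    "oauth2AllowImplicitFlow": False,
    "oauth2AllowIdTokenImplicitFlow": False,
})
SAMPLE_REQUEST = (
    "https://login.microsoftonline.com/common/oauth2/authorize"
    "?client_id=00000000-0000-0000-0000-000000000000"
    "&response_type=token&redirect_uri=https%3A%2F%2Fapp.example%2Fcallback"
)

if __name__ == "__main__":
    needed = missing_implicit_flags(SAMPLE_MANIFEST, SAMPLE_REQUEST)
    print("Flags to enable:", needed)
    print(patch_manifest(SAMPLE_MANIFEST, needed))
```

A request with `response_type=code` returns an empty list, so the manifest is left unchanged for apps that do not use the implicit flow.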

The next error you’re probably going to get is AADSTS65001. This link explains how to fix that: 4 ways to fix the Azure Active Directory error AADSTS65001 (The user or administrator has not consented to use the application)
