Encountering AADSTS700054 in the wild. Always a bother - but let me tell you how to fix it!

How to fix “AADSTS700054: response_type ‘id_token’ is not enabled for the application” error

This article will explain to you how to fix the error “AADSTS700054” Another day, another unsuccessful authentication attempt, and another cool error code. This one I encountered when building a little POC that was supposed to authenticate against Graph API. Problem When developing your client-side solution (an SPFx webpart, React app, ASP.NET MVC application with some client-side components… Your pick!), you run into this error when your code tries to authenticate against Azure AD: AADSTS700054: response_type ‘id_token’ is not enabled for the application. And nothing…Continue reading How to fix “AADSTS700054: response_type ‘id_token’ is not enabled for the application” error

Azure Active Directory, the advanced logo

How to fix “AADSTS500113: No reply address is registered for the application” error?

This article describes how to fix the error “AADSTS500113: no reply address is registered for the application”. You typically get this error, when your app is trying to authenticate your users against Azure Active Directory. I’ve been posting about different versions of Azure Active Directory authentication errors (different errors with AADSTS -codes) a lot – I’ll need to find a better way to categorize them in the future. But, for now, on to the issue! Problem Another day, another app, another reply address -related authentication…Continue reading How to fix “AADSTS500113: No reply address is registered for the application” error?

Azure Active Directory (Azure AD)

“Connecting to site failed: ‘.’, hexadecimal value 0x00, is an invalid character.”, when trying to connect to SharePoint Online

This was a peculiar case! A cloud-based “service account” (in quotes, since it’s really just a non-personal user account) on a tenant with ADFS enabled started suddenly getting this error, while running console programs configured as scheduled tasks. Connecting to site failed: ‘.’, hexadecimal value 0x00, is an invalid character. Posts Related to “”Connecting to site failed: ‘.’, hexadecimal value 0x00, is an invalid character.”, when trying to connect to SharePoint Online”:The Scary Anatomy of a Microsoft License Fraud5 ways to enable Custom Scripts for…Continue reading “Connecting to site failed: ‘.’, hexadecimal value 0x00, is an invalid character.”, when trying to connect to SharePoint Online

Have you tried turning it off and on again?

How to fix “AADSTS90008: The user or administrator has not consented to use the application”?

A couple of days ago, I got a comment asking how to fix error AADSTS90008 when developing an application using Azure Active Directory The error in question was this: AADSTS90008: The user or administrator has not consented to use the application with ID ‘[guid]’. This happened because application is misconfigured: it must require access to Windows Azure Active Directory by specifying at least ‘Sign in and read user profile’ permission. While the error itself is usually fairly simple, explaining what to do in a comment…Continue reading How to fix “AADSTS90008: The user or administrator has not consented to use the application”?

PowerShell header

How to get the user count for Azure AD Enterprise Application

Have you ever tried to find out the number of users of an enterprise application in your Office 365 tenant? This could be needed for multiple different reasons: maybe your organization is paying for the app and you want to know who’s actually using it, maybe the usage is required by a company policy and it’s useful to know if organization’s members are actually using it, or maybe you just want to know about the user adoption of an app. For apps with under 100…Continue reading How to get the user count for Azure AD Enterprise Application

Azure Active Directory (Azure AD)

Fixing issue “AADSTS70005” by enabling the implicit authentication flow for your Azure AD app

Another day, another Azure Active Directory error! So what’s this AADSTS70005 all about? While either developing or just trying to use an application that authenticates against Azure AD, you might get an error message that contains error code “AADSTS70005“. This means that you’re trying to use implicit authentication flow, but it isn’t allowed for your app. If you have access to the Azure AD you’re authentication against, it’s easy to fix! See more below… Reason You might get an error, somewhat like this: AADSTS70005: response_type ‘token’…Continue reading Fixing issue “AADSTS70005” by enabling the implicit authentication flow for your Azure AD app

AADSTS50011: The reply address ... does not match the reply addresses configured for the application.

How to fix “AADSTS50011: Reply address did not match because of case sensitivity.”

So, you got an error with a code AADSTS50011? It’s just Azure AD’s authentication acting up because of invalid reply address! here’s a bunch of different reasons that lead to this error. This post describes the variant where the URL’s case sensitivity differns from what’s configured. For me, the most typical scenario where I run into this error is accessing the app from SharePoint. Problem So, you’re getting an error somewhat like this: AADSTS50011: The reply address <…> does not match the reply addresses configured…Continue reading How to fix “AADSTS50011: Reply address did not match because of case sensitivity.”

Azure Active Directory (Azure AD)

How to fix “AADSTS50011: The reply address does not match the reply addresses configured” -error

So, you got an error with a code AADSTS50011? That’s ok – it’s just Azure AD’s authentication acting up because of invalid reply URLs! Since there might be a couple of different reasons for this error, this post also describes a couple of different solutions, that might help you overcome the issues. Problem So, you’re getting an error somewhat like this: But why? Did you mess something up? Well, if you’re the person who configured the app you’re trying to use, you probably did! Although…Continue reading How to fix “AADSTS50011: The reply address does not match the reply addresses configured” -error

SOLVE ALL THE ERRORS!

How to fix AADSTS50059: No tenant-identifying information found in either the request or implied by any provided credentials.

Have you run into the cryptical “AADSTS50059: No tenant-identifying information found in either the request or implied by any provided credentials.” error? I have. This post will tell you how to fix it. How to fix AADSTS50059? I encountered this error while trying to reload a page with some JavaScript that authenticates against Graph API. It completely blocks the functionality, as it redirects the user to login page. Luckily, at least in my case, this was easily fixed! Your error might look something like this:…Continue reading How to fix AADSTS50059: No tenant-identifying information found in either the request or implied by any provided credentials.

AADSTS90013: Invalid input received from the user. (header thumbnail)

Solving error “AADSTS90013: Invalid input received from the user”

I stumbled upon a customer, that complained about some pages in their intranet throwing weird errors with authentication. Those pages seemed to have one thing in common – there was a Yammer embed (or a SharePoint script webpart with Yammer embed script in it, to be precise) there. The error code they got was “AADSTS90013: Invalid input received from the user”. Below, you can see an example of the error screen. Okay – this is going to be extremely specific, and probably won’t solve the…Continue reading Solving error “AADSTS90013: Invalid input received from the user”

Office 365 Planner logo

How to form links to Planner tasks

Office 365 Planner is a neat tool for task management. However, when you, for whatever use case, need to form urls that point you towards a single task (or a bucket, or a plan for that matter), you might run into trouble with how the url is formed. Custom domains actually make it a bit complicated, but luckily there’s a workaround! Description of the issue If you have multiple domains in your Azure AD, your Planner might end up using your custom domain in its…Continue reading How to form links to Planner tasks

Call to sites Graph API requires “owner” permissions for site collection regardless of app permissions

Okay – yet another weird issue, and a hacky workaround. I was developing an app that was calling a SharePoint site through Graph API, using jQuery $.ajax call (developed in TypeScript), and ran into surprising 401 errors. I did find a workaround, but am also working on an actual fix. Description To get SharePoint site ID, which is needed when accessing SharePoint lists, the calls seemed to fail for my test accounts. Everything was working fine for my developer account, which was a global admin,…Continue reading Call to sites Graph API requires “owner” permissions for site collection regardless of app permissions

Azure AD Login error

4 ways to fix error AADSTS65001 (The user or administrator has not consented to use the application)

Have you run into error AADSTS65001 with your application, that tries to authenticate against Azure AD? I sure have – seems to happen at least every other time when I’m building something that uses AAD to authenticate against SharePoint. Fixing issues with Azure AD authentication for Enterprise applications can be tricky. But a lot of the time, this is just another Azure Active Directory error that we can fix easily. This article contains multiple different solutions to the issue, where granting admin consent has somehow…Continue reading 4 ways to fix error AADSTS65001 (The user or administrator has not consented to use the application)

Azure Active Directory (Azure AD)

How to use the Azure AD associated with your SharePoint Online

With the usual configuration of Office 365 and Azure, there might be multiple Azure AD (AAD) instances associated with your subscription. When creating registrations to whatever SharePoint-related apps that you might be using, if you create the registration to the wrong Azure AD, it can’t access the data in your SharePoint. Or at least without further configurations, it probably won’t get any data from your Office Graph API or whatever else you might want to use.  How to find the instance of Azure AD associated…Continue reading How to use the Azure AD associated with your SharePoint Online