PowerShell header

How to get the user count for Azure AD Enterprise Application

Reading Time: 3 minutes. Have you ever tried to find out the number of users of an enterprise application in your Office 365 tenant? This could be needed for multiple different reasons: maybe your organization is paying for the app and you want to know who’s actually using it, maybe the usage is required by a company policy and it’s useful to know if organization’s members are actually using it, or maybe you just want to know about the user adoption of an app. For apps with under 100 users it’s easy – just open Azure AD and check the user count. For more […]

Azure Active Directory (Azure AD)

Fixing issue “AADSTS70005” by enabling the implicit authentication flow for your Azure AD app

Reading Time: 2 minutes. While either developing or just trying to use an application that authenticates against Azure AD, you might get an error message that contains error code “AADSTS70005“. This means that you’re trying to use implicit authentication flow, but it isn’t allowed for your app. If you have access to the Azure AD you’re authentication against, it’s easy to fix! See more below… Reason You might get an error, somewhat like this: AADSTS70005: response_type ‘token’ is not supported for the application Trace ID: <Guid_1> Correlation ID: <Guid_2> Timestamp… This is returned by your Azure AD instance, as it doesn’t allow the use of […]

AADSTS50011: The reply address ... does not match the reply addresses configured for the application.

How to fix AADSTS50011: Reply address did not match because of case sensitivity.

Reading Time: 3 minutes. So, you got an error with a code AADSTS50011? It’s just Azure AD’s authentication acting up because of invalid reply address! here’s a bunch of different reasons that lead to this error. This post describes the variant where the URL’s case sensitivity differns from what’s configured. For me, the most typical scenario where I run into this error is accessing the app from SharePoint. Problem So, you’re getting an error somewhat like this: AADSTS50011: The reply address <…> does not match the reply addresses configured for the application: ‘<guid>’. More details: Reply address did not match because of case sensitivity. […]

AADSTS50011: The reply address ... does not match the reply addresses configured for the application.

How to fix AADSTS50011: The reply address does not match the reply addresses configured… error

Reading Time: 3 minutes. So, you got an error with a code AADSTS50011? That’s ok – it’s just Azure AD’s authentication acting up because of invalid reply URLs! Since there might be a couple of different reasons for this error, this post also describes a couple of different solutions, that might help you overcome the issues. Error So, you’re getting an error somewhat like this: But why? Did you mess something up? Well, if you’re the person who configured the app you’re trying to use, you probably did! Although Microsoft might still be the one to blame for that. Posts Related to “How to […]

SOLVE ALL THE ERRORS!

How to fix AADSTS50059: No tenant-identifying information found in either the request or implied by any provided credentials.

Reading Time: 4 minutes. Have you run into the cryptical “AADSTS50059: No tenant-identifying information found in either the request or implied by any provided credentials.” error? I have. This post will tell you how to fix it. How to fix AADSTS50059? I encountered this error while trying to reload a page with some JavaScript that authenticates against Graph API. It completely blocks the functionality, as it redirects the user to login page. Luckily, at least in my case, this was easily fixed! Your error might look something like this: Request Id: <guid> Correlation Id: <guid> Timestamp: 2018-04-27T20:58:36Z Message: AADSTS50059: No tenant-identifying information found in […]

AADSTS90013: Invalid input received from the user. (header thumbnail)

Solving error “AADSTS90013: Invalid input received from the user”

Reading Time: 3 minutes. I stumbled upon a customer, that complained about some pages in their intranet throwing weird errors with authentication. Those pages seemed to have one thing in common – there was a Yammer embed (or a SharePoint script webpart with Yammer embed script in it, to be precise) there. The error code they got was “AADSTS90013: Invalid input received from the user”. Below, you can see an example of the error screen. Okay – this is going to be extremely specific, and probably won’t solve the issue for all of you out there! But this is what worked for this customer: […]

Office 365 Planner logo

How to form links to Planner tasks

Reading Time: 3 minutes. Office 365 Planner is a neat tool for task management. However, when you, for whatever use case, need to form urls that point you towards a single task (or a bucket, or a plan for that matter), you might run into trouble with how the url is formed. Custom domains actually make it a bit complicated, but luckily there’s a workaround! Description of the issue If you have multiple domains in your Azure AD, your Planner might end up using your custom domain in its urls. However, if you need to develop some multi-tenant code, that works with any tenant […]

Call to sites Graph API requires “owner” permissions for site collection regardless of app permissions

Reading Time: 4 minutes. Okay – yet another weird issue, and a hacky workaround. I was developing an app that was calling a SharePoint site through Graph API, using jQuery $.ajax call (developed in TypeScript), and ran into surprising 401 errors. I did find a workaround, but am also working on an actual fix. Description To get SharePoint site ID, which is needed when accessing SharePoint lists, the calls seemed to fail for my test accounts. Everything was working fine for my developer account, which was a global admin, so the first thing I was suspecting was of course permissions… The first offending test […]

Azure AD Login error

4 ways to fix error AADSTS65001 (The user or administrator has not consented to use the application)

Reading Time: 6 minutes. Fixing issues with Azure AD authentication for Enterprise applications can be tricky. This article contains multiple different fixes to an issue, where granting admin consent has somehow failed. Not all of the different solutions will work for all situations, though! That’s why I included a couple of different options to try. Changes are, one of them works for you! 🙂 Reason for issues with Admin Consent (like AADSTS65001)? Imagine this: You’re trying to add or use an app, but the requires such permissions from your tenant, that only an administrator can grant. Typically to add this kind of an app, you’ll […]

Azure Active Directory (Azure AD)

How to use the Azure AD associated with your SharePoint Online

Reading Time: 3 minutes. With the usual configuration of Office 365 and Azure, there might be multiple Azure AD (AAD) instances associated with your subscription. When creating registrations to whatever SharePoint-related apps that you might be using, if you create the registration to the wrong Azure AD, it can’t access the data in your SharePoint. Or at least without further configurations, it probably won’t get any data from your Office Graph API or whatever else you might want to use.  How to find the instance of Azure AD associated with your SharePoint Online It’s simple, luckily!  Posts Related to “How to use the Azure […]