Tag: AzureAD

What’s Azure AD? Best go straight to the source for the description! Microsoft says:

“Azure Active Directory (Azure AD) is Microsoft’s multi-tenant, cloud based directory and identity management service. Azure AD combines core directory services, advanced identity governance, and application access management. Azure AD also offers a rich, standards-based platform that enables developers to deliver access control to their applications, based on centralized policy and rules.”

So, in short, you’ll manage cloud identities in Microsoft’s extended ecosystem with AAD. When you use Office 365, Azure or Intune, you’re using AAD implicitly.

You can use the Azure portal to add or modify a few users. Alternatively, you can synchronize your identities from an on-premises Active Directory instance using Azure AD Connect (which replaces DirSync).

Azure Active Directory (Azure AD)

Why should you care about it?

In practice, for a developer Azure AD typically comes into play when one needs to handle authentication to their app functioning in Microsoft’s ecosystem. If you’re doing anything with Azure of Office 365, chances are you’re already running into different Azure Active Directory errors every now and then! Even for a normal user, who’s doing nothing out of the ordinary, some of the error messages – often starting with AADSTS – might’ve become quite familiar!

So all in all, Azure AD is s definitely a worthy topic for a developer like me who spends a lot of his time with SharePoint and Office365 😁

What are these posts about?

These blog posts handle different configuration tips when using Azure Active Directory. Basically, I’m describing different things you can do to solve different errors with AAD, and how to develop apps using it.

Did I mention errors? Yes – in fact, yes I did! A lot of my posts are focused around solving issues with different authentication configurations. You typically encounter an error with a code that starts with “AADSTS” – some typical ones would be AADSTS65001 and AADSTS50011. My blog articles aim to produce different solutions to these errors, that are often fixed by fairly simple configuration changes.

Iterating Group memberships using Claims in .NET Core

Another case, where there’s plenty of documentation, but it just doesn’t seem to be comprehensive enough or just doesn’t apply for any of the cases that I have – for whatever reason. Maybe my cases are wrong, or I’m just bad at googling, but I’ve struggled to find a good…Continue reading Iterating Group memberships using Claims in .NET Core

Encountering AADSTS700054 in the wild. Always a bother - but let me tell you how to fix it!

How to fix “AADSTS700054: response_type ‘id_token’ is not enabled for the application” error

Another day, another unsuccessful authentication attempt, and another cool error code. I encountered his one whilst building a little POC that was supposed to authenticate against Graph API. This time, I was thrown an “AADSTS700054” error… But no worries! This article will explain to you how to fix it, at…Continue reading How to fix “AADSTS700054: response_type ‘id_token’ is not enabled for the application” error

How to fix an “AADSTS500113: No reply address is registered for the application” error?

This article describes how to fix the “AADSTS500113: no-reply address is registered for the application” error. You typically get this error, when your app is trying to authenticate your users against Azure Active Directory. I have been posting about different versions of the Azure Active Directory authentication errors (different errors…Continue reading How to fix an “AADSTS500113: No reply address is registered for the application” error?

“Connecting to site failed: ‘.’, hexadecimal value 0x00, is an invalid character.”, when trying to connect to SharePoint Online

This was a peculiar case! A cloud-based “service account” (in quotes, since it’s really just a non-personal user account) on a tenant with ADFS enabled started suddenly getting this error while running console programs configured as scheduled tasks. Connecting to site failed: ‘.’, hexadecimal value 0x00, is an invalid character.

Have you tried turning it off and on again?

How to fix “AADSTS90008: The user or administrator has not consented to use the application”?

A couple of days ago, I got a comment asking how to fix error AADSTS90008 when developing an application using Azure Active Directory The error in question was this: AADSTS90008: The user or administrator has not consented to use the application with ID ‘[guid]’. This happened because application is misconfigured:…Continue reading How to fix “AADSTS90008: The user or administrator has not consented to use the application”?

How to get the user count for Azure AD Enterprise Application

Have you ever tried to find out the number of users of an enterprise application in your Office 365 tenant? This could be needed for multiple different reasons: maybe your organization is paying for the app and you want to know who’s actually using it, maybe the usage is required…Continue reading How to get the user count for Azure AD Enterprise Application

Fixing an “AADSTS70005” issue by enabling the implicit authentication flow for your Azure AD app

This article explains the most typical reasons why you might get an error with an “AADSTS70005” code, and how to fix it. Spoiler alert – it usually just requires enabling Azure AD implicit grant flow for authentication! And let me show you – step by step – how to do…Continue reading Fixing an “AADSTS70005” issue by enabling the implicit authentication flow for your Azure AD app

AADSTS50011: The reply address ... does not match the reply addresses configured for the application.

How to fix “AADSTS50011: Reply address did not match because of case sensitivity.”

So, you got an AADSTS50011 error code? It’s just Azure AD’s authentication acting up because of an invalid reply address! Here are a bunch of different reasons that could have led to this error. This post describes the variant where the URL’s case sensitivity differs from what’s configured. For me,…Continue reading How to fix “AADSTS50011: Reply address did not match because of case sensitivity.”

How to fix “AADSTS50011: The reply address does not match the reply addresses configured” -error

So, you have an error with the code AADSTS50011? That’s ok – it’s just Azure AD‘s authentication acting up because of invalid reply URLs! Most of the time, it’s a simple configuration issue. Since there might be a couple of different reasons for this error, this post also describes a…Continue reading How to fix “AADSTS50011: The reply address does not match the reply addresses configured” -error

How to fix AADSTS50059: No tenant-identifying information found in either the request or implied by any provided credentials.

Have you run into the cryptical “AADSTS50059: No tenant-identifying information found in either the request or implied by any provided credentials.” error? I have. This post will tell you how to fix it. How to fix AADSTS50059? I encountered this error while trying to reload a page with some JavaScript…Continue reading How to fix AADSTS50059: No tenant-identifying information found in either the request or implied by any provided credentials.

#SharePointProblems

Solutions are worthless unless shared! Antti K. Koskela's Personal Professional Blog