Azure Connection Returning 'AADSTS500011' Error in Logs

Overview

During login with an Azure AD connection, the following error gets logged:

AADSTS500011: The resource principal named X was not found in the tenant named tenant_name. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.

Applies To

Cause

AADSTS500011 is an error returned by Microsoft Azure AD.

Solution

Please check the connection on the Auth0 side using this Management API endpoint.
Check any possible upstream_params scopes that have been set up for the connection in question:

"upstream_params": {
  "scope": {
    "value": ""
  }
}

NOTE: Any custom scopes set up in the connection are automatically sent by Auth0 when connecting with Azure. Azure rejects any “unknown” scope it receives and returns the error above, “The resource principal named X was not found…”, where X is the name of the custom scope configured on the connection.
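
The check described above can be scripted. The following is an added example, not code from Auth0 or from this article: it pulls X out of the logged AADSTS500011 message and matches it against the scopes in a connection's upstream_params. The function names, the sample connection and log line, and the location of upstream_params under "options" are assumptions.

```python
import json
import re

# Pattern built from the error text quoted in this article.
_ERR = re.compile(
    r"AADSTS500011: The resource principal named (?P<resource>.+?) "
    r"was not found in the tenant named (?P<tenant>.+?)\.(?:\s|$)"
)

def parse_aadsts500011(log_line):
    """Return (resource, tenant) from an AADSTS500011 message, or None."""
    m = _ERR.search(log_line)
    return (m.group("resource"), m.group("tenant")) if m else None

def configured_scopes(connection):
    """List the scopes set in upstream_params.scope.value for a connection."""
    # Assumption: upstream_params sits under "options" in the connection
    # object; a top-level key is accepted as a fallback.
    options = connection.get("options") or {}
    params = options.get("upstream_params") or connection.get("upstream_params") or {}
    scope = params.get("scope") or {}
    value = scope.get("value") or ""
    return [s for s in re.split(r"[\s,]+", value) if s]

def offending_scopes(log_line, connection):
    """Scopes on the connection that match the resource named in the error."""
    parsed = parse_aadsts500011(log_line)
    if parsed is None:
        return []
    resource = parsed[0].rstrip("/")
    # Exact match is what the article describes; the prefix match (scope
    # written as <resource>/<permission>) is an added assumption.
    return [s for s in configured_scopes(connection)
            if s == resource or s.startswith(resource + "/")]

# Constructed sample data, not taken from a real tenant.
SAMPLE_CONNECTION = json.loads("""
{"name": "example-azure", "strategy": "waad",
 "options": {"upstream_params": {"scope": {"value": "openid profile custom_scope"}}}}
""")
SAMPLE_LOG = ("AADSTS500011: The resource principal named custom_scope was not "
              "found in the tenant named example.onmicrosoft.com. This can happen "
              "if the application has not been installed by the administrator.")

if __name__ == "__main__":
    print(parse_aadsts500011(SAMPLE_LOG))
    print(offending_scopes(SAMPLE_LOG, SAMPLE_CONNECTION))
```

A non-empty result names the scope to remove from the connection or to register on the Azure side.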
