Hi,
We have set up an Enterprise connection, Azure AD as IdP, with the Identifier First login flow. When we try the connection from Enterprise Connection → Connection Name → Try, we can successfully log in.
However, when we try the login box (Dashboard, Try it now), we are successfully redirected to the Microsoft login page, but we are not able to authenticate. Azure returns the following error:
{
"error": "access_denied",
"error_description": "AADSTS650056: Misconfigured application. This could be due to one of the following: the client has not listed any permissions for 'AAD Graph' in the requested permissions in the client's application registration. Or, the admin has not consented in the tenant. Or, check the application identifier in the request to ensure it matches the configured client application identifier. Or, check the certificate in the request to ensure it's valid. Please contact your admin to fix the configuration or consent on behalf of the tenant. Client app ID: 7f246f92-4633-45a4-950c-a7e74c962f94.\r\nTrace ID: 7ca62734-b27a-48fe-902b-92ae0b0c4700\r\nCorrelation ID: 5c140032-452f-4378-ad0f-7480d2fcb628\r\nTimestamp: 2023-04-21 10:15:28Z"
}
I wonder if there is an additional config we have to do for Home Realm.
Thanks in advance,