Skip to content

Cannot get Auth Code in Oauth2 from Microsoft Azure Application

Overview

You cannot get an Auth Code in Oath2 from a single-tenant Microsoft Azure Application because the access token string is

https://login.microsoftonline.com/common/oauth2/v2.0/token

when it should be:

https://login.microsoftonline.com/<tenant ID>/oauth2/v2.0/token

Reproduction steps

  1. Click on Admin -> Oauth2 Administration
  2. Select Microsoft Exchange Online
  3. Click on Add token and enter an MS account

Current behaviour

AADSTS50194: Application '226037fb-d13a-4f81-ba32-561601248bea'(MissionAssist Mail) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.

Expected behaviour

A token should be added.

Environment information

  • Browser: Edge but probably not relevant
  • CiviCRM: 5.36.1
  • PHP: 7.4.16_ but probably not relevant
  • CMS: Drupal 9.1.7 but probably not relevant.
  • Database: MySQL 8.0.24 but probably not relevant
  • Web Server: IIS but probably not relevant.

Comments

It would be good if the setup could prompt for the tenant ID>

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information