Open hobpet opened 5 years ago
I second this. We literally spent hours on this issue alone without any clue what was happening. Nowhere in the documentation mentioned this needs to be done after registration and it wasn't presented as an option during registration of the application in AAD, maybe Azure changed their UI?
For those who are probably stuck, the symptom for us presented itself as (in our setup, we allow creating a new user via AAD, explicitly select the "Login" option under the plugin's setting "Prompt Type"):
We only discovered this after using the browser's developer tool to catch a response that says "id_token not enabled"
Documentation shall be updated to include a note that the ID tokens must be enabled under the Implicit Grant of the Azure AD Application. This setting is under the Authentication tab of the application configuration.