The cause of BadTenantIdInChallenge

[tmori-aim]

Hello.

Intune: Create SCEP Certificate Profile on Tenant A AzureAD: Register application in Tenant B In this state, when I called ValidateRequest, I got the following error response (BadTenantIdInChallenge).

<ValidateRequest,> https://learn.microsoft.com/ja-jp/mem/intune/protect/scep-libraries-apis#validaterequest-method

2022-10-23 16:05:32,001  INFO PkiItService -[ajp-nio-8049-exec-8] - transactionId : 4e89b80dcbf3a79d1c281fd7796228066046aac1
2022-10-23 16:05:32,002  INFO IntuneClient -[ajp-nio-8049-exec-8] - Refreshing service map from Microsoft.Graph
2022-10-23 16:05:33,085  INFO IntuneScepServiceClient -[ajp-nio-8049-exec-8] - Activity 0bd7ef94-23f9-45da-b4b0-134d8d954020 has completed.
2022-10-23 16:05:33,085  INFO IntuneScepServiceClient -[ajp-nio-8049-exec-8] - {"code":"BadTenantIdInChallenge","errorDescription":"Failed to parse the tenant id in the challenge.tenantId in challenge does not match tenantId from security token.","@odata.context":"https://fef.msuc05.manage.microsoft.com/RACerts/StatelessScepRequestValidationService/641b43b0-ffff-9953-0915-102113131035/$metadata#microsoft.management.services.scepRequestValidationService.api.scepActionResult"}
2022-10-23 16:05:33,086  WARN IntuneScepServiceException -[ajp-nio-8049-exec-8] - Error Code value not expected: BadTenantIdInChallenge
2022-10-23 16:05:33,086  WARN IntuneScepServiceClient -[ajp-nio-8049-exec-8] - ActivityId:0bd7ef94-23f9-45da-b4b0-134d8d954020,TransactionId:4e89b80dcbf3a79d1c281fd7796228066046aac1,ErrorCode:BadTenantIdInChallenge,ErrorDescription:Failed to parse the tenant id in the challenge.tenantId in challenge does not match tenantId from security token.

When does this error occur? What are the specifications?

[g-mattsson]

Hi, we are getting the same error in a new setup as well. Did you ever manage to solve this?