Azure AD

If you're setting up Single Sign-On (SSO) with Azure AD, you might come across some error codes. We've compiled a list of these error codes and their corresponding solutions to help you troubleshoot any issues that may come up during the process. So, refer to this table to fix any problems you may face while setting up SSO with Azure AD.

Error Description
invalid_request To fix this issue, please configure the correct Authorization Endpoint in the plugin. You can confirm the correct format of the endpoint from here.
invalid_client To fix this issue, please configure the correct Client Secret in the plugin. You can refer to this step to configure correct client secret in the setup guide.
invalid_resource To fix this issue, please configure the 'common' endpoints in the plugin or add user in the tenant . You can refer to this setup guide to configure the common endpoints.
AADSTS50011 To fix this issue, please configure the correct Redirect URL in the Azure AD Developer application from the plugin . You can refer to this steps in the setup guide.
AADSTS700016 To fix this issue, please configure the correct Client ID in the plugin. You refer to this steps to configure correct client ID in the setup guide.
AADSTS7000215 To fix this issue, please configure the correct Client Secret in the plugin. You refer to this steps to configure correct client secret in the setup guide.
AADSTS50020 To fix this issue, please configure the 'common' endpoints in the plugin or add user in the tenant . You can refer to this setup guide to configure the common endpoints.
AADSTS900023 To fix this issue, please configure the correct tenant id in the plugin from Azure Developer app. You can configure the correct tenant id by following this steps from the setup guide.

Frequently Asked Questions

Error Description
WordPress site SSO isn’t working due to admin permission issues from the Azure AD end. To enable the admin consent workflow at Azure’s end, please follow these steps.
Azure AD is not returning email attribute to client at the time of SSO There are some cases when the Email attribute is not returned by Azure. There is a need of adding extra claims on Azure side. To resolve it please follow these steps.
Facing issues while configuring Azure AD password grant with WordPress OAuth Client SSO plugin? Azure AD recently released OAuth 2.0 endpoints. You need to replace the token endpoint with the one below. You also need to change the grant type to password grant in the dropdown and replace the tenant ID with your Azure AD tenant ID. To resolve it please refer to this step.
How to login with guest users outside of your Azure directory or allow login with personal Microsoft accounts at the time of Single Sign-On (SSO)? / How to resolve AADSTS50020 User account does not exist error with Azure AD tenant at the time of Single Sign-On (SSO)? To achieve this Please follow these steps.