I have an Excel plugin, which use Azure AD (ADAL) for authentication. I have made a second copy of the app and the needed changes in Azure AD. All user can use the first app. The second app I am the only one who can logon. They have the same rights like in the first app. What Azure give as error on logon is:
Error Code: 90094
Error reason: Other
I cannot find information for this error. What is returned to user is "Admin have to give privileges to this app". But the privileges are given. The same like in the first app.
Do you have any information for this error code?
P.S. What I found is, that this is connected with required permissions from the app. If I add an user, who is a Global Administrator in Azure AD, after logon comes a window "The app needs permission to: ... (Accept,Cancel)" and after that he can use the app, even if he is changed to normal user. If the user is normal Azure AD user, this windows does not appear and he is rejected with the error 90094. The same happens with an user, who is Limited Administrator and it does not matter what for admin role he has.
P.S. 2
On my support request, Microsoft support did not tell me what this error means ("This is a custom application and there is no info about this error. There would be info if this was an enterprise application").
After deleting the app registration and make it again, there is no more such a problem. And I cannot reproduce it (I have tried hard :) ). And if you give me an answer, I cannot prove it. So you can look on this question as closed.
1 Answers
Answers 1
I had a similar problem where the error occurred if anybody other than a Global Administrator was the one that created the AAD app registration. It came down to a subtle difference in the way Azure AD sets permissions for the application based on who sets the application permissions in the old Management Portal. I don't know if they have this problem in the new Resource Manager portal, or if it's even the same case as what you're encountering without more information.
0 comments:
Post a Comment