Description
When you try to create an Azure AD app from the manifest, you get an error.
Steps to reproduce
Save the following manifest to a file:
{
  "id": "95cfe30d-ed44-4f9d-b73d-c66560f72e83",
  "acceptMappedClaims": null,
  "accessTokenAcceptedVersion": null,
  "addIns": [],
  "allowPublicClient": null,
  "appId": "ff254847-12c7-44cf-921e-8883dbd622a7",
  "appRoles": [],
  "oauth2AllowUrlPathMatching": false,
  "createdDateTime": "2022-02-07T08:51:18Z",
  "description": null,
  "certification": null,
  "disabledByMicrosoftStatus": null,
  "groupMembershipClaims": null,
  "identifierUris": [
    "api://24c4-2001-1c00-80c-d00-e5da-977c-7c52-5193.ngrok.io/ff254847-12c7-44cf-921e-8883dbd622a7"
  ],
  "informationalUrls": {
    "termsOfService": null,
    "support": null,
    "privacy": null,
    "marketing": null
  },
  "keyCredentials": [],
  "knownClientApplications": [],
  "logoUrl": null,
  "logoutUrl": null,
  "name": "Angular Teams app",
  "notes": null,
  "oauth2AllowIdTokenImplicitFlow": false,
  "oauth2AllowImplicitFlow": false,
  "oauth2Permissions": [
    {
      "adminConsentDescription": "Access as a user",
      "adminConsentDisplayName": "Access as a user",
      "id": "cf38eb5b-8fcd-4697-9bd5-d80b7f98dfc5",
      "isEnabled": true,
      "lang": null,
      "origin": "Application",
      "type": "User",
      "userConsentDescription": null,
      "userConsentDisplayName": null,
      "value": "access_as_user"
    }
  ],
  "oauth2RequirePostResponse": false,
  "optionalClaims": null,
  "orgRestrictions": [],
  "parentalControlSettings": {
    "countriesBlockedForMinors": [],
    "legalAgeGroupRule": "Allow"
  },
  "passwordCredentials": [],
  "preAuthorizedApplications": [
    {
      "appId": "5e3ce6c0-2b1f-4285-8d4b-75ee78787346",
      "permissionIds": [
        "cf38eb5b-8fcd-4697-9bd5-d80b7f98dfc5"
      ]
    },
    {
      "appId": "1fec8e78-bce4-4aaf-ab1b-5451cc387264",
      "permissionIds": [
        "cf38eb5b-8fcd-4697-9bd5-d80b7f98dfc5"
      ]
    }
  ],
  "publisherDomain": "M365x61791022.onmicrosoft.com",
  "replyUrlsWithType": [
    {
      "url": "http://localhost/auth",
      "type": "Spa"
    },
    {
      "url": "https://24c4-2001-1c00-80c-d00-e5da-977c-7c52-5193.ngrok.io/auth",
      "type": "Spa"
    }
  ],
  "requiredResourceAccess": [
    {
      "resourceAppId": "00000003-0000-0000-c000-000000000000",
      "resourceAccess": [
        {
          "id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
          "type": "Scope"
        }
      ]
    }
  ],
  "samlMetadataUrl": null,
  "serviceManagementReference": null,
  "signInUrl": null,
  "signInAudience": "AzureADMyOrg",
  "tags": [],
  "tokenEncryptionKeyId": null
}
Execute:
m365 aad app add --manifest @manifest.json --save
Expected results
Azure AD app created and configured as defined in the manifest
Actual results
Error: Unexpected contents in the request body
Diagnostics
No response
CLI for Microsoft 365 version
latest from main
nodejs version
v16
Operating system (environment)
macOS
Shell
zsh
cli doctor
No response
Additional Info
The issue seems to be related to preAuthorizedApplications. When you remove it, you get another error related to oauth2Permissions.lang and oauth2Permissions.origin. With these two properties removed, the AAD app is being created without errors.
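The workaround from Additional Info, as an added example that is not part of the original report or of the CLI's code: it strips the three properties the reporter had to remove and returns a list of what was dropped, so the pre-authorized client apps are not lost silently. The function name and the reduced sample manifest are assumptions.

```javascript
// Added example; function and variable names are hypothetical and are not
// part of CLI for Microsoft 365.
function stripRejectedManifestProperties(manifest) {
  // Deep copy so the caller's manifest object is left untouched.
  const cleaned = JSON.parse(JSON.stringify(manifest));
  const removed = [];
  const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

  if (has(cleaned, 'preAuthorizedApplications')) {
    // Each entry lets a client app obtain the listed scopes without a consent
    // prompt, so record it for review instead of dropping it silently.
    for (const entry of cleaned.preAuthorizedApplications || []) {
      removed.push({
        path: 'preAuthorizedApplications',
        appId: entry.appId,
        permissionIds: entry.permissionIds
      });
    }
    delete cleaned.preAuthorizedApplications;
  }

  (cleaned.oauth2Permissions || []).forEach((permission, index) => {
    for (const key of ['lang', 'origin']) {
      if (has(permission, key)) {
        removed.push({ path: `oauth2Permissions[${index}].${key}`, value: permission[key] });
        delete permission[key];
      }
    }
  });
  return { cleaned, removed };
}

// Constructed sample: a reduced copy of the manifest from the report.
const sampleManifest = {
  name: 'Angular Teams app',
  oauth2Permissions: [{
    id: 'cf38eb5b-8fcd-4697-9bd5-d80b7f98dfc5',
    lang: null,
    origin: 'Application',
    value: 'access_as_user'
  }],
  preAuthorizedApplications: [
    { appId: '5e3ce6c0-2b1f-4285-8d4b-75ee78787346', permissionIds: ['cf38eb5b-8fcd-4697-9bd5-d80b7f98dfc5'] },
    { appId: '1fec8e78-bce4-4aaf-ab1b-5451cc387264', permissionIds: ['cf38eb5b-8fcd-4697-9bd5-d80b7f98dfc5'] }
  ]
};

const { cleaned, removed } = stripRejectedManifestProperties(sampleManifest);
console.log(JSON.stringify({ cleaned, removed }, null, 2));
```
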