AADSTS error codes (Microsoft)
Always match the client ID in LIRENO with the Entra app.
| Code | Meaning | What to do |
|---|---|---|
| AADSTS500113 | No reply address for the app | Add Web URI exactly as LIRENO callback on the same app as the client ID |
| AADSTS700016 | App not found in tenant / wrong app | Check client ID belongs to this directory; set tenant ID |
| AADSTS90002 / AADSTS900023 | Tenant not found / invalid | Check Azure Tenant ID in LIRENO |
| AADSTS50194 | Single-tenant app with common | Enter Tenant ID in LIRENO (do not leave empty) |
| AADSTS65001 | Consent not granted | Admin consent in Entra; Connect again |
| AADSTS7000215 | Invalid client secret | Create new secret; save value (not secret ID) in LIRENO |
| AADSTS50011 | Redirect URI mismatch | URI must match byte-for-byte (https, no trailing /, Web platform) |
| AADSTS65005 | Missing resource/scopes | Check Graph permissions |
| AADSTS70000 | Auth code invalid/expired | Restart Hub → Connect; do not reuse URL |
Redirect URI checklist
- [ ] Platform Web (not SPA)
- [ ]
https:// - [ ] Host
api.dev.lireno.chorapi.lireno.ch - [ ] Path
/api/v1/integrations/microsoft365/oauth/callback - [ ] No trailing slash
- [ ] Identical in Entra and LIRENO
- [ ] Client ID = that app’s Application ID
