Here I am listing down all the possible solutions for 401 Unauthorized Error during AAD configuration for your App Service or Resources.
The scenario can be like this:
- You are able to Authenticate & Get a Valid Token
- While presenting the Token for service access the Error 401 Unauthorized is happening
Solution 1: Ensure Resource Parameter
Ensure that while requesting the Authentication Token you are specifying the resource parameter. Without the parameter you will still get the token but the 401 Error will occur as there is no valid resource.
Solution 2: Ensure App ID URI mentioned in the Service
Go to App Services > Authentication blade > Advanced Settings
Solution 3: Delete & Create new App Registration
Some of the configuration errors will be tricky to find – especially in restricted access production environments. So you can try following:
- Delete the App Registration
- Create new App Registration
- Set the new App Registration parameters in App Service
Solution 4: View Application Logs
Go to Log Streaming to view the Application Logs.
You can search on the Detailed error code (401.83) OR IDX10214 error code for more details.
Solution 5: View Kudu Logs
You can see the Authentication Token is passed or not through the Kudu > Debug Console > CMD > W3SVC Logs.
Summary
In this post we have seen how to troubleshoot AAD Authorization Error. If you find another solution not listed here, please comment below so I can update back in the article. Help us to Help you!
References