Error when creating an app registration with "oauth2AllowIdTokenImplicitFlow": true and replyUrlsWithType #28718

Description

@laura-damian

We create an app registration with replyUrls and implicit grant and hybrid flows set to true.

We used to run the following command for this that worked until a few days ago.
Now we get this error: Expected property 'oauth2AllowIdTokenImplicitFlow' is not present on resource of type 'RequiredResourceAccess'

EUROPE+ladamian@DESKTOP ~/projects/
$ az ad app create --display-name myappreg --required-resource-accesses @template_app_reg.json
ERROR: Expected property 'oauth2AllowIdTokenImplicitFlow' is not present on resource of type 'RequiredResourceAccess'

EUROPE+ladamian@DESKTOP ~/projects/
$ cat template_app_reg.json
[
  {
    "resourceAppId": "00000003-0000-0000-c000-000000000000",
    "resourceAccess": [
      {
        "id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
        "type": "Scope"
      }
    ],
    "oauth2AllowIdTokenImplicitFlow": true,
    "oauth2AllowImplicitFlow": true,
    "replyUrlsWithType": [
      {
        "url": "https://webapp.azurewebsites.net/redirect",
        "type": "Spa"
      }
    ]
  }
]

Related command

az ad app create

Errors

The error: ERROR: Expected property 'oauth2AllowIdTokenImplicitFlow' is not present on resource of type 'RequiredResourceAccess'

Issue script & Debug output

INFO: cli.azure.cli.core.util: {"error":{"code":"Request_BadRequest","message":"Expected property 'oauth2AllowIdTokenImplicitFlow' is not present on resource of type 'RequiredResourceAccess'","innerError":{"date":"2024-04-09T10:57:23","request-id":"2293bc01-c0c4-40f4-a8f1-572d6ffa9ebb","client-request-id":"2293bc01-c0c4-40f4-a8f1-572d6ffa9ebb"}}}

Expected behavior

The app registration should have been created.

Environment Summary

az --version
azure-cli 2.59.0

core 2.59.0
telemetry 1.1.0

Extensions:
aks-preview 0.5.146
application-insights 0.1.19
azure-iot 0.21.3
cosmosdb-preview 0.24.0
interactive 0.5.1
kusto 0.5.0
ml 2.23.0
storage-preview 0.8.4
stream-analytics 0.1.2

Dependencies:
msal 1.27.0
azure-mgmt-resource 23.1.0b2

Additional context

No response

Labels

Auto-Assign: Auto assign by bot
Azure CLI Team: The command of the issue is owned by Azure CLI team
Graph: (doesn't work with label-triggered comments; use Graph.Microsoft instead) az ad
act-identity-squad
customer-reported: Issues that are reported by GitHub users external to the Azure organization.
potential-pruning
question: The issue doesn't require a change to the product in order to be resolved. Most issues start as that

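A pre-flight check for the file passed to --required-resource-accesses, added here as an example; it is not part of the original report and not Azure CLI code. It assumes the property names of Microsoft Graph's requiredResourceAccess and resourceAccess types and of the application resource's web and spa settings; the function name and the hint table are hypothetical.

```python
import json

# Properties defined by Microsoft Graph's requiredResourceAccess / resourceAccess types.
ALLOWED_ENTRY_KEYS = {"resourceAppId", "resourceAccess"}
ALLOWED_ACCESS_KEYS = {"id", "type"}

# Hypothetical hint table: the keys from the report and the property of the
# Microsoft Graph application resource that holds the equivalent setting.
GRAPH_HOME = {
    "oauth2AllowIdTokenImplicitFlow": "web.implicitGrantSettings.enableIdTokenIssuance",
    "oauth2AllowImplicitFlow": "web.implicitGrantSettings.enableAccessTokenIssuance",
    "replyUrlsWithType": "spa.redirectUris, web.redirectUris or publicClient.redirectUris",
}

def lint_required_resource_accesses(text):
    """Return (json_path, hint) for every key the Graph types do not define."""
    data = json.loads(text)
    if not isinstance(data, list):
        raise ValueError("expected a JSON array of requiredResourceAccess objects")
    findings = []
    for i, entry in enumerate(data):
        if not isinstance(entry, dict):
            findings.append((f"[{i}]", "entry is not a JSON object"))
            continue
        for key in sorted(set(entry) - ALLOWED_ENTRY_KEYS):
            hint = GRAPH_HOME.get(key, "not a requiredResourceAccess property")
            findings.append((f"[{i}].{key}", hint))
        for j, access in enumerate(entry.get("resourceAccess", [])):
            for key in sorted(set(access) - ALLOWED_ACCESS_KEYS):
                findings.append((f"[{i}].resourceAccess[{j}].{key}",
                                 "not a resourceAccess property"))
    return findings

# The template from the report, reproduced inline so the check runs offline.
REPORTED_TEMPLATE = """[{
  "resourceAppId": "00000003-0000-0000-c000-000000000000",
  "resourceAccess": [{"id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d", "type": "Scope"}],
  "oauth2AllowIdTokenImplicitFlow": true,
  "oauth2AllowImplicitFlow": true,
  "replyUrlsWithType": [{"url": "https://webapp.azurewebsites.net/redirect", "type": "Spa"}]
}]"""

if __name__ == "__main__":
    for path, hint in lint_required_resource_accesses(REPORTED_TEMPLATE):
        print(f"{path}: {hint}")
```

Run in CI before az ad app create, a check like this also makes any implicit-grant or redirect-URI setting tucked into a permissions file visible for review.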