unauthorized_client: The client does not exist or is not enabled for consumers

PauloMatos 170 Reputation points
2023-02-14T17:18:43.3033333+00:00

Hello,

when I was doing the following exercise:

https://learn.microsoft.com/en-us/training/modules/msgraph-toolkit-intro/4-exercise-sign-into-app

to Use Graph Toolkit

with this index.html :

<head>
  <meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Graph Toolkit Client</title>
  <script
    src="https://unpkg.com/@microsoft/mgt@2/dist/bundle/mgt-loader.js"></script>
</head>

<body>
  <mgt-msal2-provider
    client-id="<my App Client Id>"></mgt-msal2-provider>
  <mgt-login></mgt-login>
</body>

</html>

I made the registration of the App in the Azure Portal

and I made also the following:

Az Portal -> Active Directory -> Enterprise Applications

I choose MyApp

I added the user to the MyApp

When call the WebApp on [http://localhost:3000/index.html]

I click on the button "Sign In"

I insert the email of the user associated to MyApp

and I receive the following result:

Microsoft account

Account

We're unable to complete your request

unauthorized_client: The client does not exist or is not enabled for consumers. If you are the application developer, configure a new application through the App Registrations in the Azure Portal at https://go.microsoft.com/fwlink...

Obs: the App Client ID is correct,

the email used correspond to the user assossiated to MyApp in the Azure Portal

What can be missing?

Thank You very much

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,692 questions
Accepted answer
  1. CarlZhao-MSFT 37,216 Reputation points
    2023-02-15T09:25:22.01+00:00

    Hi @PauloMatos

    The error means the Supported account types are not set for the personal account(Microsoft account in your case).

    To solve the issue, navigate to the Manifest of your App registration, set the two properties accessTokenAcceptedVersion and signInAudience like below.

    User's image

    "accessTokenAcceptedVersion": 2,
"signInAudience": "AzureADandPersonalMicrosoftAccount"

    When you save the setting, make sure your app meets the requirement of the validation, otherwise there will be some errors.

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

    9 people found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ajmal Jalal 10 Reputation points
    2023-07-12T15:52:30.9633333+00:00

    Hi
    I have the same issue, have these "accessTokenAcceptedVersion": 2, "signInAudience": "AzureADandPersonalMicrosoftAccount" set properly but still gets the error. I get the error on live/prod not locally. locally it works fine.

    2 people found this answer helpful.