question

ScottFridlund-8921 avatar image
0 Votes"
ScottFridlund-8921 asked ·

How to delete a corrupted Azure AD app registration

I have an Azure AD B2C tenant with a few applications registered. Somewhere along the way, one of the registered applications got into a corrupted state and we can no longer edit or delete it. I have confirmed that I am a global administrator in the B2C tenant, and that I am listed as an 'Owner' of the app in question.

Attempting to delete the app through the 'Azure AD B2C - Applications' blade:

Cannot delete Application: The B2C service has an internal error. If you created this B2C directory just now, please try again after couple of minutes. If the problem persists, please contact Support (https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-support/). If you do not have a B2C directory you can refer https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-get-started/

Attempting to delete the app through the 'Azure AD B2C - Applications(Preview) blade:

Failed to delete application Application required resource access(s). Error detail: The Required Resource Access specified in the request is invalid. Please check the resource ids and the permission ids and try again. [HPwwd]

Attempting to delete via powershell:

Remove-AzureADApplication : Error occurred while executing RemoveApplicationCode: Request_BadRequestMessage: The Required Resource Access specified in the request is invalid. Please check the resource ids and the permission ids and try again.RequestId: *removed*DateTimeStamp: Wed, 29 Jan 2020 16:29:36 GMTDetails: PropertyName - requiredResourceAccess, PropertyErrorCode - GenericErrorHttpStatusCode: BadRequestHttpStatusDescription: Bad RequestHttpResponseStatus: CompletedAt line:1 char:1+ Remove-AzureADApplication -objectid removed ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Remove-AzureADApplication], ApiException + FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.PowerShell.RemoveApplication

I have searched online for any resources related to these errors and have had no luck.
This MSDN Blog post from 2016 seems related, and links to this stackoverflow post. I followed the steps listed (create a new service principal, then delete) but that did not work either.

What do I need to do to delete this app registration?



azure-ad-b2cazure-ad-app-registration
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ScottFridlund-8921 avatar image
0 Votes"
ScottFridlund-8921 answered ·

One of our engineers figured out the issue while working on something else. From the 'Azure AD B2C - App registrations (Preview)' blade he selected 'API permissions' and noticed that there was a suspicious custom permission left over from some of our earlier experimentation. He was able to delete that permission, and that allowed him to delete the app registration.

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MarileeTurscak avatar image
0 Votes"
MarileeTurscak answered ·

Since you are a global administrator, can you try adding a new user as a global administrator, logging in with that user on the b2c tenant, and deleting the app registration, app resources, and application with that user?

Also, make sure that the user is a global admin in the b2c directory and not just the regular AAD.

If you continue to see issues, can you please send me an email at AzCommunity[at]microsoft[dot]com so that we can troubleshoot together?

· 1 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for the suggestion. I did not have a chance to try your suggestion since one of our engineers resolved the issue before I came back to it.

0 Votes 0 · ·