| | 0

Why configuring Azure AD authentication with an Azure Web App fails

I spent hours today adding Azure AD authentication to an Azure MVC web application with Visual Studio. I always got the same error while adding the preconfigured AD application:

“Error: Unable to query for Azure AD applications: An error occurred while processing this request.”

My account has the right permission in Azure AD – I thought. After a while I found out: Visual Studio was connected to my Azure AD with three different accounts:

Normally, that’s what I want, even if I have to publish some apps in other tenants/subscriptions. But in this special case two accounts are part of the Azure tenant where my Azure applications should be deployed:

Visual Studio uses the first account (marked in red), which does not have the appropriate permissions.

My “fast” resolution: I gave this account the right Azure AD role (Application Administrator) for 5 minutes and tried again with success: