Moodle Office 365 Azure API permissions
I’ve seen this issue twice now on two different Moodle setups where the required access to read from the Azure Active Directory Graph API (AAD Graph) hasn’t been granted on setting up the app registration through Moodle.
Error received:
AADSTS650056: Misconfigured application. This could be due to one of the following: The client has not listed any permissions for ‘AAD Graph’ in the requested permissions in the client’s application registration.
I think there is possibly a bug in the latest version of the Office 365 and Azure Active Directory plugins for Moodle
I didn’t have this problem when setting our app registration up, but I did in from within Azure not by using the ‘Provide Admin Consent’ button from Moodle’s Microsoft Office 365 Integration setting in local plugins.
The below is how your app registration in Azure should be:
Also check the mdl_auth_oidc_token table and delete any rows which have userid of 0
select * from mdl_auth_oidc_token where userid = '0';
Not so many... 
where to find mdl_auth_oidc_token table?
It’s a table on the Moodle database
can you share a path where it usually is?
Hi Ciuba, it’s on the MySQL moodle database. I use MySQL workbench to access it.
select * from mdl_auth_oidc_token
or
select * from mdl_auth_oidc_token where userid = ‘0’;
Hello,
how could I add Azure Active Directory Graph permission manually?
Hi Mark, in Azure portal, find your App Registration for Moodle then the API permissions & Add a permission for Azure Active Directory Graph.. it ‘should’ be very simple. I’ll try and add detailed instructions later if you still cannot find out how to do it.
you are great! This is not documented on manual steps so I did not have it and had this exact same error .Thanks again