I’ve seen this issue twice now on two different Moodle setups where the required access to read from the Azure Active Directory Graph API (AAD Graph) hasn’t been granted on setting up the app registration through Moodle.
AADSTS650056: Misconfigured application. This could be due to one of the following: The client has not listed any permissions for ‘AAD Graph’ in the requested permissions in the client’s application registration.
I think there is possibly a bug in the latest version of the Office 365 and Azure Active Directory plugins for Moodle
I didn’t have this problem when setting our app registration up, but I did in from within Azure not by using the ‘Provide Admin Consent’ button from Moodle’s Microsoft Office 365 Integration setting in local plugins.
The below is how your app registration in Azure should be:
Also check the mdl_auth_oidc_token table and delete any rows which have userid of 0
select * from mdl_auth_oidc_token where userid = '0';