Moodle Office 365 Azure API permissions

I’ve seen this issue twice now on two different Moodle setups where the required access to read from the Azure Active Directory Graph API (AAD Graph) hasn’t been granted on setting up the app registration through Moodle.

Error received:

AADSTS650056: Misconfigured application. This could be due to one of the following: The client has not listed any permissions for ‘AAD Graph’ in the requested permissions in the client’s application registration.

I think there is possibly a bug in the latest version of the Office 365 and Azure Active Directory plugins for Moodle

I didn’t have this problem when setting our app registration up, but I did in from within Azure not by using the ‘Provide Admin Consent’ button from Moodle’s Microsoft Office 365 Integration setting in local plugins.

The below is how your app registration in Azure should be:

Also check the mdl_auth_oidc_token table and delete any rows which have userid of 0

select * from mdl_auth_oidc_token where userid = '0';

Screenshot_2019-10-15-07-34-07-858_com.android.chrome

6 comments

  1. Raymond Reid

    Hi Ciuba, it’s on the MySQL moodle database. I use MySQL workbench to access it.

    select * from mdl_auth_oidc_token
    or
    select * from mdl_auth_oidc_token where userid = ‘0’;

    • Raymond Reid

      Hi Mark, in Azure portal, find your App Registration for Moodle then the API permissions & Add a permission for Azure Active Directory Graph.. it ‘should’ be very simple. I’ll try and add detailed instructions later if you still cannot find out how to do it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s