How to update accessTokenAcceptedVersion without updating other application properties

Bella 0 Reputation points Microsoft Employee
2024-09-12T02:39:15.22+00:00

Recently I changed accessTokenAcceptedVersion in application menifest to 2 but it breaks some of our web api functionality. I'd like to change accessTokenAcceptedVersion back to null but got the following error:

"Failed to update xxx application. Error detail: Values of IdentifierUris property must use a verified domain of the organization or its subdomain:"

My team is not ready to change any app properties such as IdentifierUris. Is there a way to walk around this error to set accessTokenAcceptedVersion back to its original value?

Thanks.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,116 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Navya 12,325 Reputation points Microsoft Vendor
    2024-09-16T16:57:10.9666667+00:00

    Hi @Bella

    Thank you for posting this in Microsoft Q&A.

    I understand you've updated the accessTokenAcceptedVersion property from "null" to 2 and now wish to revert the changes but are encountering the error: "Failed to update xxx application. Error detail: Values of Identifier Uris property must use a verified domain of the organization or its subdomain."

    Please check the identifier URI in your application.

    For single tenant applications, adding or updating the AppId URI validates that the domain in the HTTPS scheme URI is listed in the verified domain list in the customer tenant or that the value uses the default scheme (api://{appId}) provided by Microsoft Entra ID. This could prevent applications from adding an AppId URI if the domain isn't in the verified domain list, or the value doesn't use the default scheme.

    If you are using non verified domain, make sure app's manifest to have "signInAudience": "AzureADMyOrg" and "accessTokenAcceptedVersion": 2.If you are not prepared to modify any application properties, such as IdentifierUris, there is no feasible workaround to revert the accessTokenAcceptedVersion to its original value.

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Navya

    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.