Can't figure out why my azure python-webapp-graph-api won't recognize my tenant ID

Question

I used this tutorial and followed all the steps (I registered the app manually, i.e. followed steps 2 and 3 and did not use the PowerShell scripts).

When I open the app at http://127.0.0.1/5000, I get the following error:

AADSTS90002: Tenant virencreedemail not found. This may happen if there are no active subscriptions for the tenant. Check with your subscription administrator.

I feel step 2.7 might be incorrect. I have it APP URI set up as https://virencreedemail/fcodeWebapp because my tenant name (Azure Active Directory > Properties > Name) is set as virencreedemail and my app name is fcodeWebapp

My config file is set according to this info, in which TENANT = "virencreedemail"

Answer 1

"virencreedemail" is not a tenant id. That's the name of your tenant I presume.

Your tenant id is "b8361107-f7e9-4e28-8e9f-b13e1b562bec". You can find it from Azure Portal -> Azure Active Directory -> Properties.

I got the id by going to https://login.microsoftonline.com/virencreedemail.onmicrosoft.com/.well-known/openid-configuration, and grabbing the id from the issuer. That's the public metadata document for your tenant, which apps use to load configuration.

Alternatively, you should be able to use one of the verified domain names, such as "virencreedemail.onmicrosoft.com", which is your tenant name + onmicrosoft.com and exists by default. If you add other custom domains, you can use them to identify the tenant. Note this mainly works with Azure AD endpoints, other APIs do expect that GUID I mentioned above.