Share via

The service principal for resource '{identifier}' is disabled. This indicate that a subscription within the tenant has lapsed, or that the administrator for this tenant has disabled the application, preventing tokens from being issued for it.

AdministratorZG 5 Reputation points
2025-05-09T08:54:15.1766667+00:00

Hello since yesterday all our Users can't login into outlook desktop.

All users have the license microsoft exchange online P1.

Logging into outlook web is no problem and it works.

When we look into the login-logs we get this error:
The service principal for resource '{identifier}' is disabled. This indicate that a subscription within the tenant has lapsed, or that the administrator for this tenant has disabled the application, preventing tokens from being issued for it.

We already tried alot of things like this: https://learn.microsoft.com/en-us/answers/questions/1728686/the-service-principal-for-resource-((identifier)) but that didn't help sadly.

image (5)

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 119.7K Reputation points MVP Volunteer Moderator
    2025-05-09T15:16:59.0233333+00:00

    This seems to be an ongoing issue currently, the way to resolve it is to re-enable the corresponding service principal. In PowerShell, you can do this via:

    Update-MgServicePrincipalByAppId -AppId 40775b29-2688-46b6-a3b5-b256bd04df9f -AccountEnabled:$true

    If you are not familiar with PowerShell, open the Entra portal > Enterprise applications > remove the filters > search for "40775b29-2688-46b6-a3b5-b256bd04df9f" (or the corresponding "Microsoft Information Protection API" display name) > click the entry > click Properties > make sure Enabled for users to sign-in? is set to Yes.

    3 people found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.