How to fix error when changing to PostgresSQL and Azure Active Directory authentication on existing flexible server

Question

Error when enabling, PostgreSQL and Azure Active Directory authentication, on an existing flexible postgres sql server.

I would like to know how to interpret the error and fix it. It appears to be an issue with connecting AAD or permissions. Originally the server was set up with PostgresSQL authentication. The error occurs during deployment when changing the auth.
I am owner inherited from subscription, RBAC Admin and user admin on the resource.

{
  "code": "DeploymentFailed",
  "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.",
  "details": [
    {
      "code": "AadAuthEnableFailedDueToMissingGraphApiAccessPrincipal",
      "message": "Expected Microsoft Graph API client application with ClientId =xxx is not found in the TenantId = xxx, or does not have required permissions."
    }
  ]
}

Answer 1

Hi Kelli Hale

Thank you for your patience while working on this issue. Seems like this issue occurs if the below prerequisite was not performed. https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/how-to-configure-sign-in-azure-ad-authentication?source=recommendations#prerequisites

Our product group are working on removing this requirement sometimes next week but until then customers must complete the prerequisite to avoid this error.

Please check and let me know if you have any questions.

Whoever is seeing this above error message please do perform the prerequisites and let us know the result.

Hope this helps.

Regards,

Oury