Hi,
Thank you for posting your query.
Kindly follow the steps provided below to resolve your query.
Every OAuth client (native or web app) or resource (web api) configured with AD FS needs to be associated with an application group. The clients in an application group can be configured to access the resources in the same group. An application group can contain multiple clients and resources.
Go to this link for your reference and additional troubleshooting procedures https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/development/ad-fs-openid-connect-oauth-concepts
If the answer is helpful kindly click "ACCEPT AS ANSWER" and up vote it