AADSTS501201: Unexpected claim(s) in JWT: client_id,redirect_uri.

Nabil Hamdi 46 Reputation points
2023-07-12T14:52:46.6566667+00:00

Hello,

I have an authentication issue on a Hybrid joined Windows 11 computer.

This is a Citrix VDI where users are automatically signed in to Office apps and Edge.

But when authenticating to Office365 from Edge, they get that outstanding issue right before being prompted for a password or anything.

The error code is not referenced at Microsoft.

Also I have no sign-in logs at all in Azure.

Does someone have an idea on where I should start to troubleshoot this?

Thanks in advance.

Microsoft 365

Accepted answer
  1. Andrew Sauder 120 Reputation points
    2023-07-13T13:01:36.25+00:00

    We're having the same issue on a few machines. On the computers experiencing the issue, I can confirm:

    • an incognito/private browser window lets the user sign in successfully
    • uninstalling KB5028185 fixes it

    However, at present, not every computer with KB5028185 installed appears to be affected.

    9 people found this answer helpful.

6 additional answers

  1. Ziv Rivkis 6 Reputation points
    2023-07-26T12:20:00.85+00:00

    Win 11 Pro 10.0.22621 - same issue as described above by others. While InPrivate browsing worked fine, it wasn't a viable long term solution. The only thing that worked was to uninstall KB5028185.


  2. Munir Ahmad 0 Reputation points
    2023-07-28T09:02:20.57+00:00

    This is the process I followed (without removing Windows Update) which worked in my instance:

    Removed the user's profile (Users\AppData\Local\Microsoft\Edge) by deleting the 'User Data' folder.

    Launched MS Edge and signed in with the user's account, same issue.

    Tested under InPrivate Window, no issues encountered although this isn't a viable solution.

    Opened New 'normal' window, signed user out of their profile and tested, user can access Company SharePoint. Signed User back into their profile, no issues encountered, likewise after restarting MS Edge.

    Hope this helps.

    Update: As per another comment (Jonny Sharp), it may not be necessary to delete the User Data folder; signing out of and back into the user's profile may be sufficient.

