An error occurs when I log in as a service principal to my app: "Token contains invalid claims"
We have an app registration in AAD with MFA enabled and authentication configured using MSAL.
I've read that it is possible to bypass the MFA if I log in as a service principal. I logged in using the Azure CLI tool with the Application (client) ID, Directory (tenant) ID and Secret value. I also used the "--allow-no-subscriptions" flag. I got an access token successfully.
When I try to use our app's API, the following error is returned: "Token contains invalid claims".
What should I do to get access to my app using a service principal? There is a lot of info on the internet about roles within subscription/claims/scopes/resource groups. I am confused.
I would be grateful for your assistance!