![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 16%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
25,142 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 97%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENC%3C/text%3E%3C/svg%3E)
Thank you for posting this in Microsoft Q&A.
I understand you are trying to implement the Native authentication REST API reference - email OTP with Entra, getting the "AADSTS90023: Invalid STS request" error with Bad request response code (400).
Basically, a 400 Bad Request error occurs when a request sent to the website server is incorrect or corrupt, and the server receiving the request cannot understand it.
Here are a few things you can check to troubleshoot this issue:
1.Verify that the request is being sent to the correct endpoint. The endpoint for the Native authentication REST API reference - email OTP with Entra is https://login.microsoftonline.com/enterpriseregistration.windows.net/enrollmentserver/issueotp. Make sure that the request is being sent to this endpoint.
2.Verify that the user's email address is valid and that it is associated with a valid Entra account.
3.Check that the request is properly formatted. The request should include the required parameters and headers.
4.Check that the client application is properly registered in Azure Active Directory and that it has the necessary permissions to call the authentication service.
Hope this helps. Do let us know if you any further queries.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Thanks,
Navya.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 33%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)