Share via

Setting up Microsoft PIN Reset Service - AADSTS500113: No reply address is registered for the application.

Ronald 10 Reputation points
2024-07-24T00:46:03.0033333+00:00

Hi All

I am trying to follow this article on resetting Pin

https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/pin-reset?tabs=intune#how-nondestructive-pin-reset-works

When trying to log into the Microsoft Reset Pin Production Portal I get this message

What do I need to do in Azure as I cant find any instructions on what to do?

I see I need to use App Registration to setup some kind of Redirection URL but I have no idea what to set it?

At the moment there is nothing in "App Registration" in Azure

User's image

Microsoft Security Microsoft Entra Microsoft Entra ID
Windows for business Windows Client for IT Pros User experience Other
Microsoft Security Microsoft Entra Other

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Raja Pothuraju 23,465 Reputation points Microsoft External Staff Moderator
    2024-07-25T14:50:53.3866667+00:00

    Hello @Ronald,

    Thank you for posting your query on Microsoft Q&A.

    As you mentioned, you are attempting to enable the Microsoft PIN reset service for your users to recover a forgotten Windows Hello for Business PIN. You are encountering the error message "AADSTS500113: No reply address is registered for the application" when logging into the Microsoft Reset Pin Production Portal.

    This error message is expected after granting admin consent to the Microsoft Pin Reset Client Production application. Please refer to the screenshot below to understand the process when registering the applications:

    When you go to the Microsoft PIN Reset Service Production website, and sign in with Global administrator or at least an Application Administrator user, you will be prompted to consent to the application with the page shown below.

    User's image

    After clicking "Accept" and completing the consent for the application, you will be redirected to https://login.microsoftonline.com/common/Consent/Set with the mentioned error message. You do not need to take any action on this error; it is expected behavior following the consent acceptance, as outlined in the documentation.User's image To confirm that the two PIN Reset service principals are registered in your tenant, follow these steps:

    1. Sign in to the Microsoft Entra Manager admin center
    2. Select Microsoft Entra ID > Applications > Enterprise applications
    3. Search by application name "Microsoft PIN" and verify that both Microsoft Pin Reset Service Production and Microsoft Pin Reset Client Production are in the list PIN reset service permissions page.

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

    Thanks,
    Raja Pothuraju.

    3 people found this answer helpful.
    0 comments
  2. Ronald 10 Reputation points
    2024-07-25T21:37:50.3633333+00:00

    @Raja Pothuraju Both are listed in Enterprise Application.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.