Error AADSTS50003 - No signing key configured
This article describes a problem in which you receive the error message "Error AADSTS50003 - No signing key configured." when trying to sign into a SAML-based single sign-on (SSO) configured app that has been integrated with Microsoft Entra ID.
Symptoms
You receive error AADSTS50003 when trying to sign into an application that has been setup to use Microsoft Entra ID for identity management using SAML-based SSO.
Cause
The application object is corrupted and Microsoft Entra ID doesn't recognize the certificate configured for the application.
Resolution
To delete and create a new certificate, follow the steps below:
- On the SAML-based SSO configuration screen, select Create new certificate under the SAML signing Certificate section.
- Select Expiration date and then click Save.
- Check Make new certificate active to override the active certificate. Then, click Save at the top of the pane and accept to activate the rollover certificate.
- Under the SAML Signing Certificate section, click remove to remove the Unused certificate.
More Information
For a full list of Active Directory Authentication and authorization error codes see Microsoft Entra authentication and authorization error codes
Contact us for help
If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure feedback community.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for