Overview:
A user receives the following error using Vault File Manager (VFM):
AADSTS90002: Tenant '*Your Tenant*' not found. Check to make sure you have the correct tenant ID and are signing into the correct cloud. Check with your subscription administrator, this may happen if there are no active subscriptions for the tenant.
Root Cause:
Certain configurations were made after the Vault 21R3.0.42 hotfix.
Solution:
In Vault, the user needs to go to Settings --> OAuth 2.0 / OpenID Connect Profiles and choose the relevant profile. There is usually one profile using Azure, but there could also be designated profiles, such as a separate one for Vault File Manager.
When in the profile, the user needs to ensure that the Authorization Server value is not set to ADFS. If it is, this has to be corrected to Azure AD.
Additionally, the following should be ensured in order to avoid an Authentication Error Message in VFM:
- If VFM auto-updates are not enabled, the application should be updated to a version equal or above to 21.30.3.0
- Additionally, users need to verify the following with their Azure Active Directory Administrators:
If the user has an Azure OAuth profile with Audience Restriction Validation enabled, the Audience mapping value for VFM (VaultCheckOut application) must be updated to the VFM application Client ID. This is the same as the value specified in the Authorization Server Client ID column for that application.
In case the root of the issue is still unclear, Event Logging should be enabled and an Authentication Attempt should be captured based on the article referenced below.
Related Documentation:
Vault Help Article:
- Vault Documentation: Vault Help