← Back to all provider errors
Microsoft
AADSTS70011 — Invalid scope
Scope value isn't valid for the resource.
Riposte solution
The OAuth scope you requested isn't valid for the resource. This might be a typo or an unsupported scope. Review the scopes your app is requesting for Azure AD. Ensure you're using correct Graph scopes (e.g., Mail.Read or Mail.Send). Update the scope list in your config or code and re-initiate the auth process via /auth/sessions.
Quick facts
- Provider
- Microsoft
- Endpoint / surface
- Azure AD OAuth 2.0
- Status code
- 400
Why it happens
[Typo in scope; Wrong resource]
How to fix it
[Use valid scopes; separate requests per resource]