Azure AD Sign-in Error 50003

Active Directory Auditing Tool

The Who, Where and When information is very important for an administrator to have complete knowledge of all activities that occur on their Active Directory. This helps them identify any desired / undesired activity happening. ADAudit Plus assists an administrator with this information in the form of reports. In real-time, ensure critical resources in the network like the Domain Controllers are audited, monitored and reported with the entire information on AD objects - Users, Groups, GPO, Computer, OU, DNS, AD Schema and Configuration changes with 200+ detailed event specific GUI reports and email alerts.


Error 50003 - Sign-in failed due to missing signing key or certificate. This might be because there was no signing key configured in the application.

About Azure Activity sign-in activity reports:

Azure Active Directory's reporting tool generates 'Sign-in activity' reports that give you insight into who has performed the tasks listed in the Audit logs.

  • All Sign-in activity reports can be found under the Activity section of Azure Active Directory.
  • The default list view of Audit logs can be customized by adding additional fields.
  • The reports can also be filtered to let you view only the activities that are relevant. 
  • Here is an example of what a sign-in activity report looks like:

    [Image: azure-ad-sign-in-error-code-50003]
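To see which applications are affected, the filtering described above can also be done offline on an exported sign-in report. The following is an added example, not code from the original page or from ADAudit Plus; it assumes a JSON export whose records use the Microsoft Graph signIn field names (`createdDateTime`, `userPrincipalName`, `appId`, `appDisplayName`, `status.errorCode`), and the sample data is constructed.

```python
import json
from collections import defaultdict

# Constructed sample shaped like Microsoft Graph signIn records; the tenant,
# users and application IDs are made up for this example.
SAMPLE_EXPORT = json.dumps([
    {"createdDateTime": "2024-03-01T08:15:02Z", "userPrincipalName": "alice@contoso.example",
     "appId": "00000000-0000-0000-0000-00000000000a", "appDisplayName": "HR Portal",
     "status": {"errorCode": 50003}},
    {"createdDateTime": "2024-03-01T08:16:40Z", "userPrincipalName": "bob@contoso.example",
     "appId": "00000000-0000-0000-0000-00000000000a", "appDisplayName": "HR Portal",
     "status": {"errorCode": "50003"}},   # CSV-derived exports may carry strings
    {"createdDateTime": "2024-03-01T09:02:11Z", "userPrincipalName": "alice@contoso.example",
     "appId": "00000000-0000-0000-0000-00000000000a", "appDisplayName": "HR Portal",
     "status": {"errorCode": 50003}},
    {"createdDateTime": "2024-03-01T09:30:00Z", "userPrincipalName": "carol@contoso.example",
     "appId": "00000000-0000-0000-0000-00000000000b", "appDisplayName": "Expense App",
     "status": {"errorCode": 50003}},
    {"createdDateTime": "2024-03-01T09:31:00Z", "userPrincipalName": "carol@contoso.example",
     "appId": "00000000-0000-0000-0000-00000000000a", "appDisplayName": "HR Portal",
     "status": {"errorCode": 50126}},     # different failure, must be ignored
    {"createdDateTime": "2024-03-01T09:45:00Z", "userPrincipalName": "bob@contoso.example",
     "appId": "00000000-0000-0000-0000-00000000000b", "appDisplayName": "Expense App",
     "status": {"errorCode": 0}},         # successful sign-in
])

def summarize_error(export_json, error_code=50003):
    """Group sign-in events carrying error_code by application, busiest first."""
    apps = defaultdict(lambda: {"name": "", "failures": 0, "users": set(), "times": []})
    for event in json.loads(export_json):
        code = (event.get("status") or {}).get("errorCode")
        if str(code) != str(error_code):
            continue
        entry = apps[event.get("appId") or "unknown"]
        entry["name"] = event.get("appDisplayName") or entry["name"]
        entry["failures"] += 1
        entry["users"].add(event.get("userPrincipalName") or "unknown")
        entry["times"].append(event.get("createdDateTime") or "")
    report = [{"appId": app_id, "name": e["name"], "failures": e["failures"],
               "users": sorted(e["users"]),
               # Same-format UTC ISO 8601 strings sort chronologically.
               "first_seen": min(e["times"]), "last_seen": max(e["times"])}
              for app_id, e in apps.items()]
    return sorted(report, key=lambda r: (-r["failures"], r["appId"]))

if __name__ == "__main__":
    for row in summarize_error(SAMPLE_EXPORT):
        print(f'{row["failures"]:>3}  {row["name"]} ({row["appId"]})  '
              f'{row["first_seen"]} .. {row["last_seen"]}  users={row["users"]}')
```

Each row names one application whose SAML signing certificate should be checked, together with the users affected and the time window of the failures.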

Error description:

The error occurred because of a missing signing key or certificate. This might be because there was no signing key configured in the application.

Possible cause:

The application object is corrupted and Azure AD doesn’t recognize the certificate configured for the application.

Solution: steps to delete and create a new certificate:

  • Open the Azure portal and sign in as a Global Administrator or Co-admin.
  • Open the Azure Active Directory Extension by clicking All services at the top of the main left-hand navigation menu.
  • Type in “Azure Active Directory” in the filter search box and select the Azure Active Directory item.
  • Click Enterprise Applications from the Azure Active Directory left-hand navigation menu.
  • Click All Applications to view a list of all your applications. If you do not see the application you want show up here, use the Filter control at the top of the All Applications List and set the Show option to All Applications.
  • Select the application for which you want to configure single sign-on.
  • Once the application loads, click Single sign-on from the application’s left-hand navigation menu.
  • Click 'Create a new certificate' under the SAML Signing Certificate section.
  • Select the expiration date. Then, click Save.
  • Check Make new certificate active to override the active certificate. Then, click Save at the top of the pane and accept to activate the rollover certificate.
  • Under the SAML Signing Certificate section, click Remove to remove the unused certificate.

Auditing Azure AD environments with ADAudit Plus:

ADAudit Plus offers change monitoring for your Azure AD environment with the following features:

  • Correlated view across hybrid environments
  • Real-time alerts
  • Schedulable reports
  • Autonomous change remediation
  • Comprehensive search
  • Out-of-the-box compliance reports