When trying to join a Windows 10 or Windows 11 device to the Azure AD tenant using Settings > Access Work or School > Connect > Join this Device to Azure AD , you may get invalid_client error.
Looks like we can’t connect to the URL for your organization’s MDM terms of use. Try again, or contact your system administrator with the problem information from this page.
Error: Invalid_Client
Description: Failed to authenticate user
Cause & Solution
This issue may occur due to various reasons. Please check the following things if you encounter similar issue.
1. Have you configured the automatic MDM enrollment?
If a user is configured to automatically enrolled into Microsoft Intune when device is joined to Azure Active Directory (AAD) then Intune enrollment become mandatory during Azure AD Join. The device will not be joined to Azure AD if MDM enrollment failed.
Please check if MDM scopes are configured.
Go to Endpoint Manager admin center > Devices> Windows > Automatic Enrollment to check the settings.
Microsoft Intune – MDM Scope
2. Have you assigned Microsoft Intune license to user?
The user must have Microsoft Intune and Active Directory Premium P2 license assigned. You can validate this from Microsoft Endpoint Manager admin center / Users / <User Name>/ License.
You may have to wait for 10-15 minutes if getting same error evening after license assignment.
Related Posts
- SCCM Dynamic Collection for Windows 10 / 11 Devices
- SCCM SQL Query for Windows 10 / 11 Version Summary
- Configure Windows 10 / 11 Device as Kiosk | Microsoft Intune
- Windows 10 / 11 Operating System Build Versions
- Windows 11 enrollment failed with error 0x800700b7
- Enroll Windows 11 Device to Intune through Azure AD Join method | Corporate Devices
- Invalid_Client error when joining Windows 10 device to Azure AD tenant
- Join Windows 10 Device to Azure Active Directory
- How to Obtain Hardware Hash for Manually Registring Devices with Windows Autopilot
- Bulk enrollment of Windows 10/ 11 Devices to Intune
- Intune – Windows 10 MDM- Basic troubleshooting
- That account info didn’t work – error when disconnecting Windows 10 / 11 Work or School account
- MDM Enroll: Device Credential, Failed (Unknown Win32 Error code : 0xcaa9001f
Subscribe to Techuisitive Newsletter
Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.
