Microsoft Azure AD with MFA + Vault OIDC

Hi there,

We are trying to integrate our HashiCorp Vault, which is on prem, with Azure authentication using groups. All looks OK, but when we try to log in, we get the following after logging in with our Azure account:

Vault login failed. Error exchanging oidc code: “Provider.Exchange: id_token failed verification: Provider.VerifyIDToken: invalid id_token: failed to verify signature: failed to verify id token signature: invalid signature”.

Our Azure accounts have MFA enabled. Is this supported? Any help or pointers will be greatly appreciated.

It should work as that’s what my company uses.

I’m not sure of any special settings on the Azure AD side outside of what’s defined in the docs:

@u_dawgy did you manage to fix this?
I recently set up my Vault environment and got the same error…