Intune AutoPilot – invalid_client error failed%20to%20authenticate%20user
After the user credentials are validated in the Intune AutoPilot enrollment, the following error message comes up. invalid_client error failed%20to%20authenticate%20user.
The detailed error is as below.
Something went wrong
Looks like we can’t connect to the URL for your organization’s MDM terms of use. Try again or contact your system administrator with problem information from this page.
Additional problem information:
Error: invalid_client
Error subcode:
Description: failed%20to%20authenticate%20user
Solution
Verify from Microsoft Endpoint Manager Admin Center that the user who is registering for Intune is licensed:
-
Go to the Microsoft Endpoint Manager Admin Center > Users | All users> Search for user > Licenses > Assignments.
-
Verify that the user has an Enterprise Mobility + Security E3 or higher license and check the option of Microsoft Intune. In the image below, the license is granted with an Azure Active Directory group named “INTUNE_ENROLL”:
Next, check that the user has permissions to read the MDM terms of use of our organization in Intune:
-
Go to the Microsoft Endpoint Manager Admin Center > Enroll devices | Windows enrollment > Configure.
-
Verify that the user is in both user scopes (MDM and MAM). In the image below, the user will be in the MDM scope with option “All” and in the scope of MAM with the group “INTUNE_ENROLL”:
