401 while using AzureAD SSO

Hello all,

We have integrated SSO with Azure Active Directory but are not able to register/login users.

We are following steps from the following documentation:
https://edx.readthedocs.io/projects/edx-installing-configuring-and-running/en/latest/configuration/tpa/tpa_integrate_open/tpa_oauth.html#register-the-open-edx-instance-with-azure-active-directory

Getting following error in the LMS logs while the user performs register/login:

Traceback (most recent call last):
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/utils.py", line 251, in wrapper
    return func(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/oauth.py", line 395, in auth_complete
    response = self.request_access_token(
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/oauth.py", line 373, in request_access_token
    return self.get_json(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/base.py", line 238, in get_json
    return self.request(url, *args, **kwargs).json()
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/base.py", line 234, in request
    response.raise_for_status()
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/requests/models.py", line 943, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 401 Client Error: Unauthorized for url: https://login.microsoftonline.com/common/oauth2/token

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/core/handlers/exception.py", line 34, in inner
    response = get_response(request)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/core/handlers/base.py", line 115, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/core/handlers/base.py", line 113, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/lib/python3.8/contextlib.py", line 75, in inner
    return func(*args, **kwds)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
    return view_func(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_django/utils.py", line 49, in wrapper
    return func(request, backend, *args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_django/views.py", line 31, in complete
    return do_complete(request.backend, _do_login, user=request.user,
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/actions.py", line 45, in do_complete
    user = backend.complete(user=user, *args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/base.py", line 40, in complete
    return self.auth_complete(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/utils.py", line 256, in wrapper
    raise AuthForbidden(args[0])
social_core.exceptions.AuthForbidden: Your credentials aren't allowed

Able to see the error 'cause have set SOCIAL_AUTH_RAISE_EXCEPTIONS to True here.

Open edX Release: open-release/koa.master

Seeking help on this.

Thanks!