"DA1017 - The audience validation failed. "
when activating Store Commerce POS 10.0.42 with CSU 10.0.42. If I revert Store Commerce POS and the CSU installer back to version 10.0.41, I am able to successfully activate the POS. DA1017 - The audience validation failed. Contact your system administrator to set up identity providers properly in retail headquarters. - If you are using Personnel ID and Password logon, make sure relying parties are correctly configured. - If you are using Microsoft Entra ID logon, make sure both relying parties and server resource ids are correctly configured.
Event Viewer:
Provided audience 'https://commerce.dynamics.com' found within the token does not match any of the acceptable audiences 'api://hidden' configured for the the issuer 'https://sts.windows.net/hidden/'. This can be configured in the headquarter under Retail Shared Parameters->Identity Providers following by the job 1110 execution. Once the job completes it will take 5 minutes for Retail Server to detect the change.
Additional details:
I am using the same Azure app registration information, certificate thumbprints, CSU and Store Commerce POS installation scripts, D365 identity providers config, etc when testing 10.0.41 vs. 10.0.42 components. The leads me to believe it is not an Entra ID issue as the error message claims. But instead, an issue with the 10.0.42 CSU and Store Commerce POS releases. I have reproduced and confirmed this issue in five other test environments.
Navigate to Retail and Commerce > Headquarters setup > Parameters > Commerce shared parameters> Identity Providers
André Arnaud de Cal...
292,074
Super User 2025 Season 1
Martin Dráb
230,900
Most Valuable Professional
nmaenpaa
101,156