ENTRA050 - Failed to Get Entra Named Location
Agent error code #ENTRA050 indicates that the agent could not retrieve the configured Named Location from Microsoft Graph. The request reached Graph and authenticated successfully, but Graph returned an unexpected status (other than the 404 case covered by #ENTRA052).
Common causes include:
- A 5xx error from Microsoft Graph during a transient service issue
- A 400 error because the Named Location ID in Knocknoc is not a valid GUID
- A response Microsoft Graph cannot serialise (extremely rare, indicates a corrupted Named Location)
Steps to Resolve
Verify the Named Location ID
- In the Knocknoc admin interface, open the backend configuration for the affected Entra Knoc
- Confirm the Named Location ID is a GUID in the form
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx - If unsure, look up the ID in the Azure portal under Microsoft Entra ID > Security > Conditional Access > Named locations. Open the location and copy the ID from the browser URL
For the full setup, see the Microsoft Entra ID setup guide.
Retry After Investigating Microsoft Status
If the ID is correct and the underlying error in the agent logs mentions a 5xx response, check the Microsoft 365 Status page. Transient 5xx errors during a service incident resolve themselves.
Recreate the Named Location
If the existing Named Location appears corrupted (for example, Graph returns it with unexpected fields), it is safest to delete and recreate it:
- In the Azure portal, navigate to Microsoft Entra ID > Security > Conditional Access > Named locations
- Delete the affected location
- Create a new IP-based Named Location with a sentinel range like
192.0.2.0/32so it is not empty on creation - Copy the new ID into the Knocknoc backend configuration
Still Having Issues?
We can help you out, contact us at support@knocknoc.io.