try this:
go to portal.azure.com
select your directory, and go to Azure AD
then select App registration (preview)
select the app you are trying to authenticate (you should already have registered it)
go to the authentication tab
check “ID tokens” in the Advanced Settings section (see the bottom of the attached image)
this have worked for me