This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 74%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBV%3C/text%3E%3C/svg%3E)
We are getting a duplicate entry in the entra portal while we are updating the existing xml by Admin.
End-to-end process of building, validating, and distributing custom apps and add-ins across Microsoft 365 platforms
But we didn't change the entraid we have changed the only version number and removed the scope inside the webaddininfo and reuploaded the XML at that time we are getting the Duplicate XML in the entra app registration.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 84%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHN%3C/text%3E%3C/svg%3E)
Thank you so much for that clarification! Mentioning <WebApplicationInfo> and the version number is very helpful. Since you mentioned that specific tag, it sounds like you are uploading an Office/M365 Add-in XML manifest (likely through the Microsoft 365 Admin Center), rather than a standard SAML metadata file.
When you deploy or update an Add-in, the Microsoft 365 deployment engine reads that <WebApplicationInfo> section to automatically set up SSO and permissions in Entra ID.
When you remove or change a scope in the XML, the automation notices the permissions have changed. Instead of modifying the existing Entra app, it plays it safe and spins up a brand-new App Registration. It does this by design because changes to scopes usually require fresh Admin Consent, so the system creates a duplicate to avoid breaking any existing consent policies for your users.
If you want to try and force it to use the existing app, you can try syncing them up manually first:
Note: If the Microsoft 365 Admin Center still generates a duplicate after doing this, it is a hardcoded behavior of the Integrated Apps deployment tool when it detects scope changes. In that case, the best practice is to grant Admin Consent to the new App Registration, verify the Add-in works, and then delete the old/unused App Registration.
I hope this helps.
Just checking in to see if you've had a chance to check my previous reply. Please let me know if you have any further questions.
Based on my research and understanding, this behavior occurs when Entra ID interprets the updated XML file as a completely new application rather than an update to your current one. When a new SAML/Enterprise Application is created, Entra ID automatically generates a corresponding App Registration, which is why you see duplicates there.
This usually happens for:
To safely update your metadata moving forward, you can follow these steps:
Before deleting anything, please check the Sign-in logs and Users and groups assignments for both the old and new applications. Once you verify which application is actively handling your authentication traffic, you can safely delete the unused duplicate.
For your information:
Enable SAML single sign-on for an enterprise application - Microsoft Entra ID | Microsoft Learn
Apps & service principals in Microsoft Entra ID - Microsoft identity platform | Microsoft Learn
I hope this information helps, and if you have any question, please feel free to ask via comment section.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
I hope this information helps.
But the issue is getting even without changing the entra Id we just changed the scope and updated the existing XML still we are seeing the duplicate one.