After you run the Microsoft Online Services Diagnostics and Logging (MOSDAL) Support Toolkit, the Active Directory Federation Services (AD FS) diagnostics log shows the following error:
There is no security token service description in the AD FS Metadata Exchange (MEX) document.
This log located at Admin_Applications\SSO_Diagnostic_Tests\ADFSDiagnostic.txt.
Additionally, after you sign in to a Microsoft cloud service such as Office 365, Microsoft Azure, or Windows Intune by using a federated account, rich client application authentication fails when it tries to access services.
An issue occurred with the AD FS service that prevented it from functioning as expected.
To resolve this issue, restart the AD FS service. If that doesn't resolve the issue, contact Technical Support.
Still need help? Go to the Office 365 Community
website or the Azure Active Directory Forums