The configuration of the authentication is slightly different. First, the redirect URI should be of the following form:
https://.azure-mobile.net/signin-microsoft
Also, (assuming you are configuring the service through the My Applications page in the Live Connect Developer Center) the settings that I have are as follows:
- Mobile or desktop client app: yes
- Restrict JWT issuing: yes
- Enhanced redirection security: yes
Henrik