Dynamic DNS - Azure

DavidIr

I am trying to enabled a single dynamic DNS record in my Azure AD DNS service which I want to update from my pfsense firewall - Netgate SG-4860, 21.05.1-RELEASE (amd64).

I have configured everything per the instructions in the config page:
Service type: Azure DNS
Interface to monitor: ADSL
hostname: myhost (per this post only hostname not FQDN)
Verbose Logging: Enabled
Username: {REDACTED note 1}
Password: {REDACTED note 1}
Zone ID: /subscriptions/{SUBSCRIPTION ID}/resourceGroups/coreresources/providers/Microsoft.Network/dnszones/{MYTLD}

Note 1: I created an app registration in Azure following instructions for the ACME certificate client which is successfully creating DNS records in AzureDNS to validate the domain for certificate issue purposes. The AppID and ClientSecret are identical to that setup. The app has "DNS Zone Contributor" rights.

The Zone ID is copied directly from the Azure Console properties page from the Resource ID field.

When I try to run the update I get the following in my pfsense logs:

Oct 22 08:33:01	php-fpm	21584	/services_dyndns_edit.php: Tenant ID not found
Oct 22 08:31:45	php-fpm	21584	/services_dyndns_edit.php: Dynamic DNS azure (myhost): _update() starting.
Oct 22 08:31:45	php-fpm	21584	/services_dyndns_edit.php: Dynamic DNS (myhost): running get_failover_interface for wan. found igb0
Oct 22 08:31:45	php-fpm	21584	/services_dyndns_edit.php: Dynamic DNS azure (myhost): 143.159.1.1 extracted from local system.
Oct 22 08:31:45	php-fpm	21584	/services_dyndns_edit.php: Dynamic DNS: updatedns() starting

Note 2: IP address altered in logs
Can anyone point me in the direction of what I have set up wrong?

Thanks

David