The error returns, as SEP Mobile wasn't able to add the application to Azure Active Directory.

In the process of redirecting the current Administrator and authenticating with AAD, the Intune service responded with an error. 

One possible reason for an authentication error can be due to a restrictive policy in Intune, for the target user. A solution for this specific use case is as follows:

1. Please verify that the user account on which the apps were added has global Administrator permissions in Intune.
2. Please check in the Intune environment if there are any conditional access policies configured for the Enterprise applications listed in Intune. The conditional access policies for Enterprise applications in Intune are set under Azure Active Directory > Enterprise applications > Conditional access.

If a specific conditional access policy is enabled, please temporary disable it and try to add the iOS and Android apps in the SEP Mobile Management Console. Once they are added, you can enable the conditional access policies again.