Authentication request going to a different directory through the Java SDK, even though a different directory is set in the Azure account

JA 131 Reputation points
2022-10-08T16:56:45.427+00:00

I am trying the authentication with username and password as mentioned in this question ->
java-sdk-to-login-to-azure-using-the-microsoft-log.html

Now, while trying this solution, I get the error below:
248637-image.png

Now, I did check the directory which is linked in the current session of my user account. It is set to DIR2. I have 2 directories which are linked to my user account, but it seems it is still ending up checking in dir 1.

What am I doing wrong here? Why is the authentication request going to dir 1?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Authenticator

Accepted answer
  1. risolis 8,741 Reputation points
    2022-10-10T02:37:01.257+00:00

    Hello @JangidHimani-9673

    Thank you for taking the time to gather those details as well as your patience.

    I hope this time I am following the whole scenario and if not, please forgive me in advance : )

    Having said that, I want to bring some details back and also to double-check a few things. So, let me start by mentioning this below:

    I have read the whole thread post one more time and, besides that, the GitHub link in order to not miss any relevant detail. For instance, on the link stated several times, we can find the next URLs.

    1- First link from this post >>>> https://github.com/Azure-Samples/ms-identity-java-desktop/tree/master/

    2- For JAVA WebAPPs : https://github.com/Azure-Samples/ms-identity-java-webapp

    3- For JAVA desktop applications: https://github.com/Azure-Samples/ms-identity-java-desktop/

    • Furthermore, there is a relevant note that I just wanted to share in case you either missed it or to confirm that you did follow the instructions provided.

    Once this app is configured as multitenant, users from other tenants would be able to access this app and authenticate to it using their tenant user IDs. Once a user from another tenant signs in to this app, a service principal for this app would get created in their tenant, and then on that service principal you can apply the RBAC roles. For the user authentication, it would reach out to that other tenant and fetch a token from that other tenant when the user of that tenant puts in the creds.

    Points to note:

    In your current application's code, where you have mentioned the authority like "https://login.microsoftonline.com/{tenant-id}", you need to modify that and put in the following: "https://login.microsoft.com/common". If you are following the same sample that I have shared with you above, you would see that that sample has the following variable defined: " private final static String AUTHORITY = "https://login.microsoftonline.com/common/" " in the UsernamePasswordFlow.java. This is required for the application code to behave as multitenant.

    Then, is it Windows or Linux OS being used? Could you confirm it, please?

    Finally, did you test it using a different user/UPN or OS device? And same result?

    Looking forward to your feedback,

    Cheers,

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
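
The accepted answer above points at the authority string in the application code as the setting to check. The following is an added example, not code from this thread or from the Azure sample: it reads the tenant segment of an authority and compares it with the directory named in the error quoted in the question. The class name `AuthorityCheck`, its method names, and the `DIR1`/`DIR2` values (stand-ins for real tenant IDs or domains) are assumptions.

```java
import java.net.URI;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added example (hypothetical helper, not part of MSAL4J or the Azure sample).
public class AuthorityCheck {
    // Authority aliases that do not name one specific directory.
    private static final Set<String> ALIASES = Set.of("common", "organizations", "consumers");

    // Error wording as quoted in this thread.
    private static final Pattern NOT_FOUND = Pattern.compile(
        "Application with identifier '([^']*)' was not found in the directory '([^']*)'");

    // First non-empty path segment of the authority: an alias, a tenant ID or a domain.
    static String tenantSegment(String authority) {
        String path = URI.create(authority).getPath();
        if (path == null) return "";
        for (String seg : path.split("/")) {
            if (!seg.isEmpty()) return seg;
        }
        return "";
    }

    // Directory named in the error message, or null if the message has another shape.
    static String directoryInError(String message) {
        Matcher m = NOT_FOUND.matcher(message);
        return m.find() ? m.group(2) : null;
    }

    static String diagnose(String authority, String intendedTenant, String error) {
        String segment = tenantSegment(authority);
        if (segment.isEmpty()) return "authority has no tenant segment";
        if (ALIASES.stream().anyMatch(segment::equalsIgnoreCase))
            return "authority '" + segment + "' does not pin a directory; lookup failed in '"
                + directoryInError(error) + "'";
        if (!segment.equalsIgnoreCase(intendedTenant))
            return "authority pins '" + segment + "', not '" + intendedTenant + "'";
        return "authority pins the intended directory '" + segment + "'";
    }

    public static void main(String[] args) {
        // Constructed sample input; the error text mirrors the one quoted in the question.
        String error = "Application with identifier '***' was not found in the directory 'DIR1'";
        System.out.println(diagnose("https://login.microsoftonline.com/common/", "DIR2", error));
        System.out.println(diagnose("https://login.microsoftonline.com/DIR1", "DIR2", error));
        System.out.println(diagnose("https://login.microsoftonline.com/DIR2", "DIR2", error));
    }
}
```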


3 additional answers

  1. risolis 8,741 Reputation points
    2022-10-08T17:50:23.457+00:00

    Hello @JangidHimani-9673

    Thank you for your heads up.

    I would like to provide the next posts, which seem very similar to what you were describing previously.... So please direct yourself down below:

    https://learn.microsoft.com/en-us/answers/questions/755414/the-account-needs-to-be-added-as-an-external-user-2.html

    https://learn.microsoft.com/en-us/answers/questions/638748/the-account-needs-to-be-added-as-an-external-user.html

    https://learn.microsoft.com/en-us/answers/questions/692461/message-aadsts700016-application-with-identifier-n.html

    https://stackoverflow.com/questions/57324634/aadsts700016-application-with-identifier-some-id-was-not-found-in-the-directo

    I hope you can find this useful to overcome your concern.

    Looking forward to your feedback,

    Cheers,

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


  2. JA 131 Reputation points
    2022-10-08T19:13:19.45+00:00

    @risolis I checked out all the links you shared, and I think my question is not understood correctly.
    My account is linked with 2 directories, e.g.: DIR1 and DIR2.
    I have switched the dir to DIR2, and I have also set it up as the startup directory.

    And now, I am trying to get an authentication token using the MSAL Java SDK API. Here I have to pass my credentials to get an access token, and I get the error saying that "Application with identifier '***' was not found in the directory 'DIR1'"

    Now my question is why it is trying to look for the registered application's client ID in DIR1, whereas I have configured the directory as DIR2 in my account.


  3. JA 131 Reputation points
    2022-10-09T12:10:33.907+00:00

    @risolis No, let me try one more time with screenshots. I am trying out the code below, which needs me to enter credentials to authenticate the user -> use this link to check out the code:

    java-sdk-to-login-to-azure-using-the-microsoft-log.html

    And I am getting the error below:
    248697-image.png

    Now, as you can see, it is trying to find the tenant ID under the directory -> *HG, but I have enabled a different directory in my account, so it should try in the one which I have enabled. Refer to the picture below.

    248698-image.png

    Now, you can see that I have selected the directory as ***** R&D, but it is still looking in the *HG.

    I hope now I am clear with the question.
