AADSTS700016 Application with identifier 'x' was not found in the directory 'y'

JoneJere 0 Reputation points
2023-01-25T09:44:18.0966667+00:00

I have checked that x client-id is correct with the app registration in the Azure portal. The tenant-id is also correct, and the app registration is in fact indeed registered under the correct tenant.

The app registration has the appropriate redirect URLs added to authentication for mobile and desktop applications.

I struggle to understand exactly why I'm getting the following error message, as everything seems to be correctly set up. This has been working on an older app registration, but ever since we moved to a new app registration, it stopped working. The two app registrations are pretty much identical except for obvious differences such as client-id and name etc.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator
    2023-01-27T01:28:23.4066667+00:00

    Hi JoneJere,

    If you have confirmed that all of the fields are correct and are still receiving the access error, feel free to send me an email at AzCommunity@microsoft.com ("Attn: Marilee Turscak") so that we can troubleshoot offline.

    I would recommend, however, trying the following steps first if you have not done so already:

    1. Confirm that "Accounts in any organizational directory" is set under Authentication > "Supported account types".
    2. Copy the URL from your error and open the Single Sign-On menu under the Enterprise Application > Single sign-on > Identifier (Entity ID). Then, paste the URL from the error into the Identifier (Entity ID) option.
    3. Ensure that you are using the ID of Application (client) ID instead of the client secret.
    4. Search the references in your code and confirm that there is no mismatch, added character, white space, extra slash, or any difference between the tenant ID and client ID referenced in the code vs what is referenced in the registration and Enterprise App settings.
    5. Use the Test SSO Function in the Azure AD Portal by going to Enterprise Applications > select the application > Single sign-on > Test this application > Copy and paste the error received into the Resolving errors section > and click Get resolution guidance. Verify if there is a difference between the issuer and the identifier.

    Let me know if this helps and feel free to reach out to me over email as well if you would like.

    If the information helped you, please Accept the answer. This will help us as well as others in the community who might be looking up the same error.
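
Step 4 of the answer above (looking for an added character, white space or extra slash in the tenant ID or client ID) can be checked mechanically. The following is an added example, not part of the original thread or of any Microsoft tooling; the function name `diagnose_id` and the sample GUID are constructed for illustration.

```python
import re
import unicodedata

GUID = re.compile(
    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", re.I
)

def _invisible(ch: str) -> bool:
    # Whitespace, control (Cc) and format (Cf) characters: newline, tab,
    # zero-width space, BOM and similar copy-paste residue.
    return ch.isspace() or unicodedata.category(ch) in ("Cc", "Cf")

def diagnose_id(configured: str, registered: str) -> list[str]:
    """Compare the ID the code sends with the GUID shown in the portal.

    Returns a list of findings; an empty list means an exact match.
    """
    if configured == registered:
        return []
    findings = []
    for pos, ch in enumerate(configured):
        if _invisible(ch):
            label = unicodedata.name(ch, f"U+{ord(ch):04X}")
            findings.append(f"invisible character {label} at index {pos}")
    cleaned = "".join(c for c in configured if not _invisible(c))
    stripped = cleaned.strip("/\"'{}")
    if stripped != cleaned:
        findings.append("stray slash, quote or brace around the value")
    if not GUID.fullmatch(stripped):
        findings.append("not a GUID: check that a secret, URL or name was not pasted")
    elif stripped.lower() != registered.lower():
        findings.append("well-formed GUID, but a different one from the registration")
    elif stripped != registered:
        findings.append("differs only in letter case")
    return findings

if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    portal_client_id = "11111111-2222-3333-4444-555555555555"
    for value in (portal_client_id + "\n", "\u200b" + portal_client_id,
                  portal_client_id + "/", "Xy8Q~constructed-secret-value"):
        print(repr(value), "->", diagnose_id(value, portal_client_id))
```

Run it against the exact strings your application loads at runtime (environment variable, config file, key vault value) rather than what the source file appears to contain.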

