AADSTS700016 error when running the "AZ Login" command in the script.

AmanpreetSingh-MSFT 56,876 Reputation points Moderator
2021-10-20T08:43:03.8+00:00

The error AADSTS700016: Application with identifier xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx was not found in the directory yyyyyyyy-yyyy-yyyy-yyyyyyyyyyyy occurs when trying to log in via an Azure AD servicePrincipal using the AZ Login command.


Note: This question is being posted as part of an internal effort at Microsoft to share emerging content with the community. A Microsoft employee will be following up with an answer shortly. If you have feedback regarding this issue, we encourage the community to start a discussion in the comments.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

Accepted answer
  1. AmanpreetSingh-MSFT 56,876 Reputation points Moderator
    2021-10-20T08:45:52.897+00:00

    Cause: The error occurs when the value of the -u (--username) and/or -t (--tenant) parameter is incorrectly specified. "AZ Login" allows three kinds of accounts to log in to Azure, which are:

    1. user account: The "-u" parameter should contain the UPN of the user.
    2. service principal: The "-u" parameter should contain the Application ID.
    3. managed system identity: The "-u" parameter should contain the path of the managed identity, e.g., /subscriptions/<subscriptionId>/resourcegroups/myRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myID

    Resolution: The correct syntax of the command for AZ Login via servicePrincipal is: az login --service-principal -u your_application_id -p your_client_secret --tenant your_tenant.onmicrosoft.com

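A pre-flight check for the -u / --tenant mix-ups described in the accepted answer, as an added example that is not part of the original answer or of the Azure CLI. The function names and the AZ_CLIENT_SECRET variable are hypothetical, and it checks format only: it cannot tell whether an Application ID actually exists in the given tenant.

```shell
# Added example: classify the value given to `az login -u` and validate
# service principal arguments before the login call is made.
GUID_RE='^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$'
DOMAIN_RE='^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$'

is_guid() { printf '%s\n' "$1" | grep -Eq "$GUID_RE"; }
lower()   { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# Print which of the three account kinds a -u value looks like.
classify_login_id() {
  if is_guid "$1"; then echo "service-principal"; return 0; fi
  case "$1" in
    /subscriptions/*/providers/Microsoft.ManagedIdentity/userAssignedIdentities/?*)
      echo "managed-identity" ;;
    *" "*|*@*@*) echo "unknown" ;;
    ?*@?*.?*)    echo "user" ;;          # UPN shape: name@domain.tld
    *)           echo "unknown" ;;       # e.g. a display name or object name
  esac
}

# Return 0 if the arguments are plausible for --service-principal, else 1-3.
check_sp_login_args() {
  app_id="$1"; tenant="$2"
  kind=$(classify_login_id "$app_id")
  if [ "$kind" != "service-principal" ]; then
    echo "-u looks like '$kind'; expected an Application ID (GUID)" >&2
    return 1
  fi
  if ! is_guid "$tenant" && ! printf '%s\n' "$tenant" | grep -Eq "$DOMAIN_RE"; then
    echo "--tenant is neither a tenant ID nor a domain name" >&2
    return 2
  fi
  if [ "$(lower "$app_id")" = "$(lower "$tenant")" ]; then
    echo "-u and --tenant are the same GUID; one of them is wrong" >&2
    return 3
  fi
  return 0
}

# Validate first, then log in with the syntax from the answer.
# AZ_CLIENT_SECRET is an assumed variable name holding the client secret.
sp_login() {
  check_sp_login_args "$1" "$2" || return $?
  [ -n "${AZ_CLIENT_SECRET:-}" ] || { echo "AZ_CLIENT_SECRET is not set" >&2; return 4; }
  az login --service-principal -u "$1" -p "$AZ_CLIENT_SECRET" --tenant "$2"
}
```

Call it as `sp_login <application_id> <tenant>`; a non-zero status from 1 to 4 means the arguments were rejected before any request reached Azure AD.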
