JessS

Reputation: 83

AADSTS700016: UnauthorizedClient_DoesNotMatchRequest

Not sure if this is the right place to ask but... We have an older application that is set up to use SSO, currently Azure ADFS. I want to use login.microsoft.com url instead of our organizational url that has been used in the past.

I replaced the currently working links in web.config with the endpoints from Azure

  <appSettings>
    <add key="FederationMetadataLocation" value="https://login.microsoftonline.com/dfmi.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml" />
  </appSettings>

and

  <federatedAuthentication>
    <wsFederation passiveRedirectEnabled="true" issuer="https://login.microsoftonline.com/0845a734g7-6d23-7c96-9f4x-3427v39n4sd5/wsfed/" realm="https://customdfmi.dfmi.net/" requireHttps="true" />
    <cookieHandler requireSsl="false" />
  </federatedAuthentication>

I get to the sign-in page. When I put in the credentials it shows "AADSTS700016: Application with identifier 'https://customdfmi.dfmi.net/' was not found in the directory". It is set up in Azure. Redirect URI is the exact copy of what's in web.config. What am I putting wrong in web.config? Do I need to put the Application ID somewhere in it? Any pointers would be great. Thanks!

Upvotes: 2

Views: 790

Answers (1)

Waqas Ahmed

Reputation: 15

Did you receive this message?

AADSTS700016    

UnauthorizedClient_DoesNotMatchRequest - The application wasn't found in the directory/tenant.

This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have misconfigured the identifier value for the application or sent your authentication request to the wrong tenant.

Upvotes: 2
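
One way to check the two causes named in the answer (a mismatched identifier, or a request sent to the wrong tenant) against the web.config from the question. This is an added example, not code from either poster. The `registered_identifier_uris` argument stands for the identifier URIs copied from the app registration and is an assumption, as are the exact-string comparison of the realm and the `<configuration>` wrapper added so the fragment parses.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Fragment modelled on the web.config in the question; <configuration> wrapper added here.
WEB_CONFIG = """<configuration>
  <appSettings>
    <add key="FederationMetadataLocation" value="https://login.microsoftonline.com/dfmi.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml" />
  </appSettings>
  <federatedAuthentication>
    <wsFederation passiveRedirectEnabled="true" issuer="https://login.microsoftonline.com/0845a734g7-6d23-7c96-9f4x-3427v39n4sd5/wsfed/" realm="https://customdfmi.dfmi.net/" requireHttps="true" />
  </federatedAuthentication>
</configuration>"""

def tenant_segment(url):
    """First path segment of a login.microsoftonline.com URL: the tenant ID or domain."""
    return urlparse(url).path.strip("/").split("/")[0].lower()

def check_wsfed_config(xml_text, registered_identifier_uris):
    """Return findings for the two misconfigurations the answer lists (assumed checks)."""
    root = ET.fromstring(xml_text)
    wsfed = root.find(".//wsFederation")
    realm, issuer = wsfed.get("realm"), wsfed.get("issuer")
    meta = root.find(".//appSettings/add[@key='FederationMetadataLocation']").get("value")
    findings = []
    # The realm is the identifier quoted back in the AADSTS700016 message.
    if realm not in registered_identifier_uris:
        near = [u for u in registered_identifier_uris
                if u.rstrip("/").lower() == realm.rstrip("/").lower()]
        hint = f" (differs from {near[0]!r} only by case or trailing slash)" if near else ""
        findings.append(f"realm {realm!r} is not a registered identifier URI{hint}")
    # A domain name in one URL and a GUID in the other cannot be compared offline.
    if tenant_segment(issuer) != tenant_segment(meta):
        findings.append(f"issuer tenant {tenant_segment(issuer)!r} and metadata tenant "
                        f"{tenant_segment(meta)!r} are written differently; confirm both "
                        "name the tenant that holds the registration")
    return findings

if __name__ == "__main__":
    # Constructed placeholder for the identifier URIs on the app registration.
    for finding in check_wsfed_config(WEB_CONFIG, ["api://00000000-0000-0000-0000-000000000000"]):
        print("-", finding)
```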
