AADSTS700016: Application with identifier 'some_id' was not found in the directory 'some_another_id'

azure-active-directory azure-ad-b2c saml saml-2.0 adfs
48,785

Solution 1

I ran in to this problem because I was using the ID of in the Client secret section instead of using the Application (client) ID.

Use This For The ID

Solution 2

I have faced this error below are the possibilities:

  • This error means you have made a mistakes while configuring the Client ID OR tenant ID in your code, First please confirm that both are same as your azure portal application client and tenant.

  • In my case i had entered wrong client id in my code.

  • Please check this https://github.com/MicrosoftDocs/azure-docs/issues/24673

Solution 3

The problem here is that the AAD Application Registration has an identifier URI that does not match that being requested in the authentication request. You can fix this by:

  1. Copying the URL in the obscured screenshot
  2. Navigating to Azure AD Blade in the Azure AD Tenant to which you want to federate with 3. Access the Enterprise Applications menu, find the App Registration by ApplicationId(ClientId)
  3. Open the Single Sign-On menu.
  4. Paste the URL from the error into the Identifier (Entity ID) option

You also need the correct Reply URL:
https://contoso.b2clogin.com/te/contoso.onmicrosoft.com/<policyd of Base>/samlp/sso/assertionconsumer

You are much better off using OpenId (which also allows for multi tenant access):
https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-aad-custom

Share:
48,785
Admin
Author by

Admin

Updated on October 02, 2021

Comments

  • Admin
    Admin over 2 years

    here is an error img

    I need a federated authentication with custom policy (when user authenticated I need him to appear marked as Federated in b2c users, not Others or something else what I could achieve with single tenant), I had it before with default policy setup in azure as OpenId provider, but did not find how to do FEDERATION Authentication with OpenId in custom policy, so I did it with SAML and below what I've got.

    I tried Single tenant and it is not what I need. Also problem is not with signing key, because I've already had this issue and resolved this. I created self signed certificate, uploaded it to AAD application first and to b2c policy keys after. I think the application which authenticate the federation is not an issue, because I works with default policy.

        <TechnicalProfile Id="Office-SAML2">
      <DisplayName>Microsoft Office 365</DisplayName>
      <Description>Login with your ADFS account</Description>
      <Protocol Name="SAML2"/>
      <Metadata>
        <Item Key="WantsSignedRequests">false</Item>
        <Item Key="PartnerEntity">https://login.microsoftonline.com/<b2c tenant id>/federationmetadata/2007-06/federationmetadata.xml</Item>
        <Item Key="XmlSignatureAlgorithm">Sha256</Item>
      </Metadata>
      <CryptographicKeys>
        <Key Id="SamlAssertionSigning" StorageReferenceId="B2C_1A_SamlCert"/>
        <Key Id="SamlMessageSigning" StorageReferenceId="B2C_1A_SamlCert"/>
      </CryptographicKeys>
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="userPrincipalName" />
        <OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_name"/>
        <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="family_name"/>
        <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="email"/>
        <OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name"/>
        <OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="https://sts.windows.net/<b2c tenant id>/" AlwaysUseDefaultValue="true" />
        <OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication" AlwaysUseDefaultValue="true" />
      </OutputClaims>
      <OutputClaimsTransformations>
        <OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName"/>
        <OutputClaimsTransformation ReferenceId="CreateUserPrincipalName"/>
        <OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId"/>
        <OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId"/>
      </OutputClaimsTransformations>
      <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop"/>
    </TechnicalProfile>

    I have been doing everything through this reference https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-custom-setup-adfs2016-idp

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

SAML LogOutRequest processing failed on ADFS server
What is the correct format for SAML 2.0 Assertions?
InvalidNameIDPolicy working with ADFS
Keycloak "Unexpected error when handling authentication request to identity provider"
Azure AD B2C password expiration
ADFS STS authentication with console application
Pass SAML token into web api call
keycloak integration with Azure AD for webapp authentication
SimpleSamlPhp as SP redirects incorrectly
What is the point of OpenSAML? Any alternative?