
How to register Azure AD multi-tenant app in another tenant (in which it wasn't created)

I created an Azure AD Multi-tenant app within my own tenant.

When I try and call the Admin consent endpoint from within another tenant, and signing in as another tenant's administrator, I get the error:

AADSTS700016: Application with identifier 'guid' was not found in the directory 'directory-id'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

How can another tenant provision and allow access to my multi-tenant app?

In this endpoint, `GET https://login.microsoftonline.com/{tenant}/v2.0/adminconsent?client_id={client id}`, set `{tenant}` to the tenant id of the other tenant. Setting it to `common` should also work.

Make sure you are using the admin account of that tenant.
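As an added example that is not part of the original answer, the following Python builds the v2.0 admin consent URL described above for a given customer tenant and validates the redirect Azure AD sends back (checking the `state` nonce, surfacing AADSTS errors such as the one in the question, and confirming `admin_consent=True` with a tenant id). The client id, redirect URI and tenant values are constructed placeholders.

```python
# Added example: construct the admin consent request and validate its redirect.
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

CLIENT_ID = "00000000-0000-0000-0000-000000000001"        # constructed placeholder
REDIRECT_URI = "https://app.example.com/consent-callback"  # constructed placeholder


def build_admin_consent_url(tenant, scope="https://graph.microsoft.com/.default"):
    """Return (url, state) for the v2.0 admin consent endpoint.

    `tenant` is the customer's tenant id (or 'common'); `state` is a random
    nonce that must be stored server-side and compared on the redirect.
    """
    state = secrets.token_urlsafe(32)
    params = {
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": scope,
        "state": state,
    }
    url = f"https://login.microsoftonline.com/{tenant}/v2.0/adminconsent?" + urlencode(params)
    return url, state


def validate_consent_redirect(redirect_url, expected_state):
    """Parse the redirect from the admin consent endpoint.

    Returns (ok, tenant_or_error). A state mismatch is rejected before anything
    else is trusted; an `error` parameter (e.g. AADSTS700016) is reported; and
    consent counts only when admin_consent is 'True' and a tenant id is present.
    """
    query = parse_qs(urlparse(redirect_url).query)

    def one(key):
        values = query.get(key)
        return values[0] if values else None

    if one("state") != expected_state:
        return False, "state mismatch: callback was not issued for this request"
    if one("error"):
        return False, f"{one('error')}: {one('error_description')}"
    if one("admin_consent") != "True":
        return False, "admin_consent not granted"
    tenant = one("tenant")
    if not tenant:
        return False, "redirect lacks tenant id"
    return True, tenant
```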

There is no need to register this app in the other tenant. It will work for the other tenant if it is already multi-tenant and if it is using an endpoint which supports multi-tenant, i.e. `common`.

Please check that your application manifest has `"signInAudience": "AzureADandPersonalMicrosoftAccount"` and `"accessTokenAcceptedVersion": 2`, and please update them if they are not the same.

I found this API to register the application in a different tenant.

https://login.microsoftonline.com/<new-tenant-id>/oauth2/authorize?client_id=<client-id>&response_type=code&redirect_uri=<redirect-uri>

This will create a new enterprise application in the target tenant with the same client id and new object id.
