Azure Key Vault - AADSTS70001: Application with identifier "xxx" was not found in the directory "xxx"

azure azure-keyvault
Kumar picture Kumar · Nov 19, 2015 · Viewed 13.5k times · Source

I am working on – Using azure key vault in web application. Implemented steps below, but getting error.

Steps:

  1. Created azure active directory and added application in this directory. (copied - Client id and key)
  2. Created azure key vault using power shell in the same subscription. (Successfully created key vault, along with some keys).
  3. In web application code implemented using azure key vault library. But getting error saying that : -

AADSTS70001: Application with identifier 'c4687eec-d6f1-420a-8d25-9be20a78c98a' was not found in the directory a7682f3c-49a6-41f1-9865-343579044071

Trace ID: b3653879-9603-4c10-a620-ded52f5c5d05

Correlation ID: b740d27e-ab99-4f0a-9cec-9d57c4acc2d7

Timestamp: 2015-11-19 06:36:32Z

This application exists in active directory in the same subscription.

Referred links:

  1. https://azure.microsoft.com/en-in/documentation/articles/key-vault-use-from-web-application/
  2. https://azure.microsoft.com/en-in/documentation/articles/key-vault-get-started/

Answer

MvdD picture MvdD · Dec 9, 2015

You say you've Created azure active directory and added application in this directory.

This means you've registered your application in the non-default directory for the subscription. Due to a limitation in Azure KeyVault, you can only authorize applications in the default directory to use KeyVault.

See this page for an official source. You can vote to have this issue fixed here.

Related questions

Azure key vault: access denied

I have the following code for obtaining a secret from the Azure key vault: public static async Task<string> GetToken(string authority, string resource, string scope) { var authContext = new AuthenticationContext(authority); ClientCredential clientCred = new ClientCredential(...); //app id, app …

Read More
KeyVaultErrorException: Operation returned an invalid status code 'Forbidden'

I'm trying to set up my web app, hosted in Azure to read settings from Azure KeyVault. I've been following this guide: https://anthonychu.ca/post/secrets-aspnet-core-key-vault-msi/ The example shows how to access app settings from KeyVault with the configuration: …

Read More
How to get connection string out of Azure KeyVault?

A hypothetical web-site currently connects using: public SqlConnection CreateConnection() { DbConnection connection = new SqlConnection(); connection.ConnectionString = GetConnectionString(); connection.Open(); return connection; } Where the magical connection string is stored in web.config: String GetConnectionString() { //Get the connection string info from web.config …

Read More