The application named HTTPS://test113.onmicrosoft.com/FTP was not found in the tenant named test113.onmicrosoft.com

Rinu picture Rinu · Mar 17, 2016 · Viewed 17.8k times · Source

I have to authenticate an application against Azure AD. I have created the web API and added it to the Azure AD application section. Changed the manifest file, created a web API and authenticated with the Azure AD and created a Windows form, containing the following code:

 private async void button1_Click(object sender, EventArgs e)
 {
    string authority = "https://login.windows.net/test113.onmicrosoft.com";
    string resourceURI = "https://test113.onmicrosoft.com/ftp";
    string clientID = "5177ef76-cbb4-43a8-a7d0-899d3e886b34";
    Uri returnURI = new Uri("http://keoftp");

    AuthenticationContext authContext =
        new AuthenticationContext(authority);
    AuthenticationResult authResult =
        authContext.AcquireToken(resourceURI, clientID, returnURI);

    string authHeader = authResult.CreateAuthorizationHeader();

    // don't do this in prod
    System.Net.ServicePointManager.ServerCertificateValidationCallback =
            ((s, c, c2, se) => true);

    HttpClient client = new HttpClient();
    HttpRequestMessage request =
        new HttpRequestMessage(HttpMethod.Get, "https://localhost:44300/api/tasks");
    request.Headers.TryAddWithoutValidation("Authorization", authHeader);
    var response = await client.SendAsync(request);
    string responseString = await response.Content.ReadAsStringAsync();
    MessageBox.Show(responseString);
}

I have got an exception:

An exception of type 'Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException' occurred in Microsoft.IdentityModel.Clients.ActiveDirectory.dll but was not handled in user code

Additional information: AADSTS50001: The application named https://test113.onmicrosoft.com/ftp was not found in the tenant named test113.onmicrosoft.com. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.

Trace ID: e782d60e-b861-46a3-b32b-f3df78396bd0 Correlation ID: b4809815-2755-4de1-bd1b-0221d74fd0f0 Timestamp: 2016-03-17 11:20:08Z

Answer

Nan Yu picture Nan Yu · Mar 21, 2016

Resource in the request means the resource which you want to access in the particular tenant. When a native client needs to get a token from Azure Active Directory, it needs to specify the resource it wants a token for. In this scenario the client application wants access to the Web API so the APP ID URI for the Web API is used as the resource name. After it has the token it also needs to know the URL where the resource can be accessed, in this case the address of the Web API.For example:

// Resource settings this application wants to access
private string resource = "https://cloudalloc.com/CloudAlloc.WebAPI";
private Uri WebAPIUri = new Uri("https://localhost:44313");

Both of these settings can be found in the single sign-on section of the CONFIGURE page for the Web API application in the Azure Management portal.

Click here for more details .