When setting up a GlobalProtect Portal/Gateway with AzureAD you may find you receive the error message:
AADSTS700016: Application with identifier <Entity ID> was not found in the directory ‘<Directory ID>’.
The fix here is easy – the GlobalProtect client injects a :443 at the end of the domain name which isn’t mentioned in the guide from Microsoft (https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/palo-alto-networks-globalprotect-tutorial) but is in the guide from Palo Alto Networks (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g0000008U48CAE).
Interestingly the Reply URL doesn’t specifically require it (although mentioned in the Palo Alto guide) but either way easy to fix.
VN:F [1.9.22_1171]Thumbs up if this article helped you 🙂 Palo Alto Networks GlobalProtect and Azure AD - AADSTS700016: Application with identifier was not found in the directory.,
Leave a Reply