When setting up a GlobalProtect Portal/Gateway with Azure AD, you may receive the error message:

AADSTS700016: Application with identifier <Entity ID> was not found in the directory ‘<Directory ID>’.

The fix here is easy: the GlobalProtect client injects a :443 at the end of the domain name, so the Identifier (Entity ID) configured in Azure AD must include the :443 as well. This isn't mentioned in the guide from Microsoft (https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/palo-alto-networks-globalprotect-tutorial) but is in the guide from Palo Alto Networks (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g0000008U48CAE).

Interestingly, the Reply URL doesn't specifically require it (although the Palo Alto guide mentions it), but either way it is easy to fix.
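To confirm that a missing :443 is the cause, compare the Issuer in the SAML request with the Identifier configured in Azure AD. The following Python check is an added example, not code from this post, Microsoft or Palo Alto Networks; the host name, the path in the sample request and all function names are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample request; host name and path are placeholders.
SAMPLE_XML = (
    b'<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed" Version="2.0">'
    b"<saml:Issuer>https://vpn.example.com:443/SAML20/SP</saml:Issuer>"
    b"</samlp:AuthnRequest>"
)


def issuer_from_saml_request(b64_request: str) -> str:
    """Extract <saml:Issuer> from a base64 SAMLRequest you captured yourself."""
    raw = base64.b64decode(b64_request)
    if not raw.lstrip().startswith(b"<"):
        raw = zlib.decompress(raw, -15)  # HTTP-Redirect binding: raw DEFLATE
    issuer = ET.fromstring(raw).find("saml:Issuer", SAML_NS)
    if issuer is None or not (issuer.text or "").strip():
        raise ValueError("no Issuer element in request")
    return issuer.text.strip()


def drop_default_port(url: str) -> str:
    """Remove an explicit :443 (https) or :80 (http) from the authority."""
    parts = urlsplit(url)
    default = {"https": "443", "http": "80"}.get(parts.scheme)
    netloc = parts.netloc
    if default and netloc.endswith(":" + default):
        netloc = netloc[: -len(default) - 1]
    return parts._replace(netloc=netloc).geturl()


def diagnose(issuer: str, configured_identifiers: list[str]) -> str:
    """Exact string match first, then report whether only the port differs."""
    if issuer in configured_identifiers:
        return "match"
    for ident in configured_identifiers:
        if drop_default_port(ident) == drop_default_port(issuer):
            return "default-port-only"
    return "no-match"


if __name__ == "__main__":
    issuer = issuer_from_saml_request(base64.b64encode(SAMPLE_XML).decode())
    print(issuer, diagnose(issuer, ["https://vpn.example.com/SAML20/SP"]))
```

A result of `default-port-only` means the configured Identifier differs from the Issuer only by the explicit :443, which is the situation described above.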
