What the AADSTS700016 error means
The AADSTS700016 error is returned by Microsoft Entra ID when the Client ID (Application ID) sent during login does not match any application registered in the tenant (directory). This usually happens because the wrong value was entered during SSO configuration.
Most common cause
In most cases, this error occurs because:
The Client Secret was mistakenly entered into the Client ID (App ID) field in your identity provider configuration.
As a result, the authentication request contains an invalid Client ID, and Entra ID cannot locate the application.
How to fix the issue
Follow these steps to resolve the error:
Sign in to the Azure portal.
Go to Azure Active Directory > App registrations.
Select the application used for SSO.
Copy the Application (client) ID.
The Client ID is always a GUID (for example:
16bd2b86-da1d-49df-917e-1c300c62c55a).
Update your SSO configuration to ensure this Client ID, and not the Client Secret, is entered in the Client ID field.
Save your changes and retry signing in.
If the error continues after correcting the Client ID
If you are still receiving the AADSTS700016 error, the application may not have been consented to in the tenant.
To resolve this:
Replace
your_client_idin the URL below with your actual Client ID:https://login.microsoftonline.com/common/adminconsent?client_id=your_client_id
Send this URL to a Global administrator in your Entra ID tenant.
The Global administrator must sign in and approve the consent request.
Additional Microsoft documentation
For more background and examples, see this Microsoft community article:
Need more help?
If none of the steps above resolve the issue, please open a support ticket by emailing support@hyperproof.io, and our team will help with further investigation.