I am trying to integrate SharePoint with Azure AD using "Using Microsoft Azure Active Directory for SharePoint 2013 authentication".
The error encountered when logging in comes from login.microsoftonline.com and is:
AADSTS70001: Application with identifier 'https://myname.accesscontrol.windows.net/' was not found in the directory 62efceea-b938-4129-9e53-839f774d23e8
But I can see it when I use Get-MsolServicePrincipal:
ExtensionData : System.Runtime.Serialization.ExtensionDataObject
AccountEnabled : True
Addresses : {Microsoft.Online.Administration.RedirectUri}
AppPrincipalId : c07cade5-ef92-44bf-bfdf-6ea18e8b22a8
DisplayName : Catapult Staffing
ObjectId : c3f4832d-d191-4ef7-9d5e-52329d4f903c
ServicePrincipalNames : {c07cade5-ef92-44bf-bfdf-6ea18e8b22a8, https://myname.accesscontrol.windows.net/}
TrustedForDelegation : False
Here is the thing: We have Azure AD and Access Control Services under different subscriptions. Could that be a problem?
When I connect ACS to Azure AD through New-MsolServicePrincipal, it doesn't create any app reference. Thus, my ACS doesn't appear as an application in Azure AD. Moreover, I'm not able to add it as an application manually unless I use Remove-MsolServicePrincipal. So there is no need to use it at all!
To get things working I just added 'https://myname.accesscontrol.windows.net/' as an application in my Azure AD, then viewed the endpoints of the newly created app and used the Federation Metadata endpoint as my ACS provider's URL.
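A read-only diagnostic for the situation above, added here as an example and not part of the question or the answer. The AADSTS70001 message names the directory (tenant) in which the application identifier was looked up; the check below confirms which tenant the connected MSOnline session actually belongs to, whether that tenant holds a service principal with the ACS identifier as one of its ServicePrincipalNames, and that the Federation Metadata document for that tenant carries the matching entityID. It assumes the MSOnline module is installed and an interactive Connect-MsolService login; the identifier and directory ID defaults are copied from the error in the question. It creates nothing, so it does not depend on New-MsolServicePrincipal behaving one way or the other.

```powershell
# Added diagnostic (not from the original post). Assumes the MSOnline module.
param(
    # Values taken from the AADSTS70001 error quoted in the question.
    [string]$AppIdentifier    = 'https://myname.accesscontrol.windows.net/',
    [string]$ErrorDirectoryId = '62efceea-b938-4129-9e53-839f774d23e8'
)

Import-Module MSOnline
Connect-MsolService            # interactive credential prompt

# 1. Which directory is this session connected to? ObjectId on the company
#    information is the tenant (directory) ID.
$tenantId = (Get-MsolCompanyInformation).ObjectId
if ($tenantId -ne $ErrorDirectoryId) {
    Write-Warning ("Connected tenant {0} is not the directory named in the error ({1}); " +
                   "the app must be registered in the latter." -f $tenantId, $ErrorDirectoryId)
} else {
    Write-Host "Connected to the directory named in the error: $tenantId"
}

# 2. Does this directory know the ACS identifier as a service principal name?
$sp = Get-MsolServicePrincipal -ServicePrincipalName $AppIdentifier -ErrorAction SilentlyContinue
if ($null -eq $sp) {
    Write-Warning "No service principal in $tenantId lists '$AppIdentifier' as an SPN."
} else {
    Write-Host "Found '$($sp.DisplayName)' (AppPrincipalId $($sp.AppPrincipalId)), enabled=$($sp.AccountEnabled)"
    Write-Host "SPNs: $($sp.ServicePrincipalNames -join ', ')"
}

# 3. Fetch the tenant's WS-Federation metadata (the same document the answer points
#    ACS at) and confirm its entityID names this tenant, so ACS is federating with
#    the directory that appears in the error rather than some other one.
$metadataUrl = "https://login.microsoftonline.com/$ErrorDirectoryId/federationmetadata/2007-06/federationmetadata.xml"
[xml]$metadata = (Invoke-WebRequest -Uri $metadataUrl -UseBasicParsing).Content
$entityId = $metadata.EntityDescriptor.entityID
$expected = "https://sts.windows.net/$ErrorDirectoryId/"
if ($entityId -eq $expected) {
    Write-Host "Federation metadata entityID matches: $entityId"
    Write-Host "Use this URL as the ACS identity provider metadata: $metadataUrl"
} else {
    Write-Warning "Unexpected entityID '$entityId' (expected '$expected')."
}
```

If step 1 reports a mismatch, the ACS and Azure AD resources being under different subscriptions is not by itself the problem; what matters is that the application identifier is registered in the directory whose ID appears in the error, which is what the answer's manual registration achieves.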