Troubleshooting SSO Login Error: AADSTS700016 (Azure / Microsoft Entra ID)

Overview

The AADSTS700016 error occurs when the Entity ID configured in your Azure Entra ID portal doesn't match what Procurify is sending during SSO authentication. Follow the steps below to identify and fix the mismatch.


The Issue

Users attempting to log into Procurify via Single Sign-On (SSO) see the following Microsoft error:

AADSTS700016 – Application with identifier '65617320-...' was not found in the directory 'Your Organization'.

This prevents the user from logging in entirely.


Why This Happens

Procurify uses SAML-based SSO to authenticate users through Microsoft Azure (Entra ID). During login, Procurify sends a unique Entity ID to Azure to identify itself. If the Entity ID registered in your Azure Enterprise Application doesn't exactly match what Procurify is sending, Azure cannot find the app in your directory and blocks the login.

Common causes include:

  • The Identifier (Entity ID) in Azure was never set, was changed, or was set with a typo

  • A trailing slash difference (e.g., ...af vs ...af/); Azure treats these as different values

  • The user is signed into a different Microsoft tenant (e.g., a personal account or another organization's account) in their browser

  • The user has not been assigned to the Procurify Enterprise Application in Azure


Resolution Steps

Step 1: Verify the Identifier (Entity ID) in Azure

  1. Log into the Azure Portal.

  2. Navigate to Microsoft Entra ID > Enterprise Applications.

  3. Search for and select your Procurify application.

  4. Go to Single sign-on > SAML.

  5. In the Basic SAML Configuration section, click Edit.

  6. Check the Identifier (Entity ID): it must match exactly what appears in the error message (e.g., 65617320-a4a6-40cb-8585-665ea64940af).

  7. Pay attention to trailing slashes: even a single / at the end can cause a mismatch.
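
The comparison in Step 1 can also be scripted. The following is an added example, not Procurify or Microsoft code: it pulls the Entity ID out of a pasted AADSTS700016 message and reports whether a value copied from Basic SAML Configuration matches exactly or is only a near miss. The function names, verdict labels and sample values are assumptions made for illustration.

```python
import re

# Matches the identifier Entra ID quotes in an AADSTS700016 message.
ERROR_RE = re.compile(r"AADSTS700016\b.*?identifier\s+'([^']+)'", re.DOTALL)

def extract_entity_id(error_text):
    """Return the Entity ID quoted in the error text, or None if absent."""
    match = ERROR_RE.search(error_text)
    return match.group(1) if match else None

def diagnose(sent, configured):
    """Compare the ID from the error with the IDs configured in Azure.

    Returns (verdict, configured_value). Only "match" is an exact match;
    the other verdicts name a near miss that still needs correcting.
    """
    if sent in configured:
        return ("match", sent)
    # Progressively looser normalizations, tightest first.
    checks = [
        ("whitespace", lambda v: v.strip()),
        ("trailing_slash", lambda v: v.strip().rstrip("/")),
        ("letter_case", lambda v: v.strip().rstrip("/").lower()),
    ]
    for verdict, normalize in checks:
        for value in configured:
            if normalize(value) == normalize(sent):
                return (verdict, value)
    return ("not_configured", None)

# Constructed sample input: error text modelled on the message above, and an
# identifier as it might be copied from Basic SAML Configuration.
SAMPLE_ERROR = (
    "AADSTS700016 - Application with identifier "
    "'65617320-a4a6-40cb-8585-665ea64940af' was not found in the "
    "directory 'Your Organization'."
)
SAMPLE_CONFIGURED = ["65617320-a4a6-40cb-8585-665ea64940af/"]

if __name__ == "__main__":
    sent_id = extract_entity_id(SAMPLE_ERROR)
    verdict, value = diagnose(sent_id, SAMPLE_CONFIGURED)
    print(f"sent={sent_id!r} verdict={verdict} configured={value!r}")
```

Any verdict other than "match" means the Identifier (Entity ID) field still needs to be corrected to the value shown in the error.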

Step 2: Confirm the User is Assigned to the Application

  1. In the same Enterprise Application, navigate to Users and Groups.

  2. Confirm the affected user is explicitly listed.

  3. If "Assignment required" is set to Yes and the user is missing, they will be blocked from logging in. Add them and try again.

Step 3: Check the Active Microsoft Tenant

  1. Confirm the user is signing in with an account that belongs to your organization's directory.

  2. If the user has multiple Microsoft accounts (e.g., personal + work), their browser may be authenticating against the wrong tenant. Try signing out of all Microsoft accounts and signing back in with the correct work account.


💡 Tips

  • The exact Entity ID required is visible in the AADSTS700016 error message itself; use it to cross-reference what's configured in Azure.

  • If users are on a shared device or use multiple Microsoft accounts, encourage them to use a private/incognito browser window to avoid tenant conflicts.


Still Having Issues?

If the Entity ID matches and the user is correctly assigned but the error persists, contact Procurify Support with a screenshot of the error and the Entity ID shown; our team can verify the value configured on Procurify's end.
