1
votes

We have an application that connects to OneDrive for Business using the Microsoft Graph API. The application is registered in apps.dev.microsoft.com.

Now we want to support OneDrive for Business Chinese edition. According to the documentation, we changed the endpoints to the Chinese 21Vianet endpoints. However, when the Office 365 Chinese users try to authorize our application, they get this error:

AADSTS700016: Application with identifier 'xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx was not found in the directory 'userdomain.com'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

It seems that the application registration at apps.dev.microsoft.com is not working for China. Do I have to register our application somewhere else and get another identifier? I cannot find it in the documentation.

1 Answer

0
votes

The documentation you referenced is out of date. You should instead be following the National Cloud Deployments documentation from the Microsoft Graph site.

The problem you're running into is that the v2 App Model (which is what apps.dev.microsoft.com generates) and the v2 Endpoint are not supported with National Cloud Deployments:

Note: The Azure AD v2.0 authorization and token endpoints are available on the global service only; they are not yet supported for use with national cloud deployments.

Before you can authenticate users in China, you will need to register a new App ID using the v1 App Model. This is done by registering your application as a multi-tenant app via the Azure Portal.

You'll also need to change your authorization workflow to use the v1 Endpoint. For global endpoints, this is https://login.microsoftonline.com/common/oauth2/authorize?{your settings}. For the Chinese endpoint, you want to use https://login.chinacloudapi.cn/common/oauth2/authorize.
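
The per-cloud split described in the answer above, as an added example that is not part of the original answer: each cloud gets its own authority host, its own app ID and its own Graph resource, and a check refuses any authorize URL that mixes them, which is the mismatch behind AADSTS700016. The client IDs are placeholders, the redirect URI is constructed, and the two Graph resource URLs and the function names are assumptions not taken from the page.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Authority hosts are the two named in the answer; resource URLs and client IDs are assumptions.
CLOUDS = {
    "global": {
        "authority": "https://login.microsoftonline.com",
        "resource": "https://graph.microsoft.com",
        "client_id": "00000000-0000-0000-0000-00000000000a",  # placeholder
    },
    "china": {
        "authority": "https://login.chinacloudapi.cn",
        "resource": "https://microsoftgraph.chinacloudapi.cn",
        "client_id": "00000000-0000-0000-0000-00000000000b",  # placeholder
    },
}

def build_authorize_url(cloud, redirect_uri, state=None):
    """Return (url, state) for a v1 authorization-code request in one cloud."""
    if cloud not in CLOUDS:
        raise ValueError(f"unknown cloud: {cloud!r}")
    cfg = CLOUDS[cloud]
    state = state or secrets.token_urlsafe(16)  # anti-CSRF value, compared on callback
    query = urlencode({
        "client_id": cfg["client_id"],
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "resource": cfg["resource"],  # the v1 endpoint takes 'resource', not 'scope'
        "state": state,
    })
    return f"{cfg['authority']}/common/oauth2/authorize?{query}", state

def check_authorize_url(url):
    """Return the cloud name if host, path, client_id and resource belong together."""
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    for name, cfg in CLOUDS.items():
        if f"{parts.scheme}://{parts.netloc}" != cfg["authority"]:
            continue
        if parts.path != "/common/oauth2/authorize":
            raise ValueError("not the v1 authorize path: " + parts.path)
        if params.get("client_id") != [cfg["client_id"]]:
            raise ValueError("client_id is registered in a different cloud")
        if params.get("resource") != [cfg["resource"]]:
            raise ValueError("resource does not match this cloud")
        return name
    raise ValueError("unknown authority: " + parts.netloc)
```

Running `check_authorize_url` in a unit test or at startup catches a global app ID sent to the China authority before any user sees the error.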