Microsoft Office 365 Error "AADSTS700011" Occurs When Accessing SharePoint Services via Okta
Single Sign-On
Okta Classic Engine
Okta Identity Engine
Overview

When end-users launch Microsoft 365 SharePoint-based applications (SharePoint Online, Delve, Newsfeed, and OneDrive) from the Okta dashboard, sign-in fails because an administrator entered the full domain in the Microsoft Tenant Name field. Correcting the tenant name to include only the prefix resolves the issue.

The following Azure Active Directory (Azure AD) error appears:

 

AADSTS700011: Application with identifier https://tenant_name.onmicrosoft.com.sharepoint.com was not found in the directory

 


Applies To
  • Okta Identity Engine (OIE)
  • Okta Classic Engine
  • Microsoft Office 365
  • SharePoint Online
  • OneDrive
  • Delve
  • Newsfeed
  • Single Sign-On (SSO) (WS-Federation)
Cause

The issue occurs when an administrator enters the full domain (for example, .onmicrosoft.com) in the Microsoft Tenant Name field on the General tab of the Microsoft Office 365 application within Okta. This field requires only the tenant prefix. When an administrator enters the full domain, Okta generates malformed identifiers and Application ID (appId) Uniform Resource Identifiers (URIs) that do not exist in Azure AD.

 

SharePoint and its associated services use a tenant-specific resource identifier built from the tenant name. With the misconfigured value, Okta generates an incorrect URL, which causes Azure AD to return the AADSTS700011 error.
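
A triage helper for the failure mode described above, added here as an example (not Okta's or Microsoft's code): it extracts the identifier from an AADSTS700011 message, reports whether it carries the `.onmicrosoft.com.sharepoint.com` pattern, and reduces a Microsoft Tenant Name value to the prefix. The function names and the `https://<prefix>.sharepoint.com` identifier form are assumptions inferred from the error text on this page.

```python
import re

# Assumption: the SharePoint resource identifier is https://<prefix>.sharepoint.com,
# inferred from the malformed identifier quoted in the error on this page.
SUFFIX = ".onmicrosoft.com"
MARKER = SUFFIX + ".sharepoint.com"
ERR_RE = re.compile(r"AADSTS700011:.*?identifier\s+'?(https://[A-Za-z0-9._\-]+)", re.I)
# Loose shape check (an assumption, not Microsoft's naming rule): no dots or slashes.
PREFIX_RE = re.compile(r"^[a-z0-9][a-z0-9_-]*$")


def normalize_tenant_name(value):
    """Reduce a Microsoft Tenant Name value to the bare tenant prefix."""
    v = re.sub(r"^https?://", "", value.strip().lower()).rstrip("/")
    if v.endswith(SUFFIX):
        v = v[: -len(SUFFIX)]
    if not PREFIX_RE.match(v):
        raise ValueError(f"not a tenant prefix: {value!r}")
    return v


def sharepoint_identifier(tenant_name_field):
    """Identifier that results from the field value exactly as entered."""
    return f"https://{tenant_name_field.strip()}.sharepoint.com"


def diagnose(error_text):
    """Classify an error message; return (verdict, suggested_prefix)."""
    m = ERR_RE.search(error_text)
    if not m:
        return ("not-aadsts700011", None)
    host = m.group(1)[len("https://"):].lower().rstrip(".")
    if host.endswith(MARKER):
        # Full domain was entered; the part before the marker is the prefix.
        return ("full-domain-in-tenant-name", host[: -len(MARKER)])
    return ("other-cause", None)


if __name__ == "__main__":
    # Error text as quoted on this page (tenant_name is the page's placeholder).
    sample = ("AADSTS700011: Application with identifier "
              "https://tenant_name.onmicrosoft.com.sharepoint.com "
              "was not found in the directory")
    print(diagnose(sample))
    print(sharepoint_identifier("abc.onmicrosoft.com"), "->",
          sharepoint_identifier(normalize_tenant_name("abc.onmicrosoft.com")))
```
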

Solution

How is the Microsoft Office 365 AADSTS700011 error resolved in Okta?

 

Navigate to the Microsoft Office 365 application in the Okta Admin Console and update the Microsoft Tenant Name field to include only the tenant prefix.

  1. In the Okta Admin Console, navigate to Applications > Applications and open the Microsoft Office 365 application.
  2. Go to the General tab and select Edit.
  3. In the Microsoft Tenant Name field, enter only the tenant prefix (for example, abc instead of abc.onmicrosoft.com).


NOTE: Do not include .onmicrosoft.com in this field.

  4. Select Save.

 

 

What steps should be taken if the sign-in still fails?

 

Force the integration to refresh by clearing and reselecting the Microsoft services within the application settings.

  1. In the Microsoft Office 365 application, clear the checkboxes for the Microsoft services.
  2. Select Save.
  3. Edit the application again and select the checkboxes for the Microsoft services.
  4. Select Save.

 

 

NOTE: The above is based on observed behavior during testing. Microsoft does not publish a definitive list of which Office 365 services use which authentication endpoints, but it does describe the error codes in its Microsoft Entra authentication and authorization error codes documentation.

 

 
