Azure Bot automatic App Registration not syncing with Bot Framework directory - Error 700016

Question

Azure Bot automatic App Registration not syncing with Bot Framework directory - Error 700016

oblin denis 0

I'm experiencing a persistent authentication error (AADSTS700016) with an Azure Bot created using automatic App Registration. The bot successfully receives messages but fails when attempting to send responses.

Error Details:

Error Code: AADSTS700016
Message: "Application with identifier '4d031594-d402-4ac9-8740-37e56dd45a4f' was not found in the directory 'Bot Framework'"
This happens when the bot tries to respond to any message

Configuration:

Azure Bot: bot-teams-us-prod
Resource Group: rg-memo (East US region)
Creation Method: Automatic (selected "Create new Microsoft App ID" during bot creation)
App Type: Single Tenant
Bot Framework SDK: botbuilder@4.22.1
Node.js: v20.18.0
Local testing with ngrok

What Works:

Bot starts successfully and listens on port 3978
Ngrok tunnel established and configured in Azure Bot messaging endpoint
Bot RECEIVES messages (200 OK in ngrok logs)
Message content is correctly logged in the bot

What Fails:

When bot tries to send response using context.sendActivity()
Error occurs during authentication with Bot Framework
Results in 502 error returned to Web Chat client

Steps to Reproduce:

Create Azure Bot with automatic App Registration in East US
Configure bot with generated App ID and secret in .env file
Start bot locally with npm start
Configure ngrok endpoint in Azure Bot
Test in Web Chat - type any message
Bot receives message but fails to respond with error 700016

Attempted Solutions:

Waited 45+ minutes for synchronization
Tried both SingleTenant and MultiTenant configurations
Recreated bot in US region (initially tried Europe)
Verified App ID and secret multiple times
Enabled Teams channel
Modified adapter configuration to force tenant authentication

Azure Diagnostics Result:

Critical insight detected: "Bot Service requests to the bot are being rejected as unauthorized, resulting in 502 errors"
Confirms authentication configuration issue

The core issue appears to be that the automatically created App Registration is not being recognized by the Bot Framework directory, despite being created through the official Azure Bot creation process.

3 answers

Your answer

Answer 1

Hi ,

Thanks for reaching out to Microsoft Q&A.

This is a known issue with Azure Bot Service when using automatic app registration, especially in certain regions (East US is one of them). The error AADSTS700016 means that the App ID created during "automatic" registration is not propagating correctly into the Bot Framework tenant directory that the channel service uses. That explains why your bot can receive messages (the incoming webhook does not require token validation), but cannot respond (outbound requires token exchange against AAD and Bot Framework, which fails because the app is missing).

Here is what you need to do:

Root Cause

When you select "Create new Microsoft App ID" during azure bot creation, the portal automatically provisions an App Registration in your tenant.
In some cases, that app registration is not properly synced to the Bot Framework service directory (a separate multitenant directory used by Bot Service).
As a result, outbound calls from your bot to the channel service fail with AADSTS700016: Application not found.

Workaround:

Manually create an App Registration in AAD:
- Go to Azure Active Directory > App registrations > New registration.
- Give it a name (ex: bot-teams-us-prod-manual).
- Supported account types: Single tenant (or Multitenant if you plan crosstenant usage).
- Redirect URI: leave blank (not needed for bots).
- Register the app.
Generate a client secret:
- In the App Reg, go to Certificates & Secrets > New client secret.
- Copy the secret value.
Update the Bot Channel Registration:
- Go to your Azure Bot resource (bot-teams-us-prod).
- Under Configuration > Microsoft App ID and password, replace the auto gen App ID with your manually created App ID.
- Paste the client secret.
Update your local bot code:
- In .env, update & restart the bot
  
  MicrosoftAppId=<your-manual-app-id> MicrosoftAppPassword=<your-client-secret>

Please 'Upvote'(Thumbs-up) and 'Accept' as answer if the reply was helpful. This will be benefitting other community members who face the same issue.

oblin denis 0 Reputation points

2025-08-16T18:04:44.4833333+00:00

Thank you for your reply. I first did what you described before trying the automatic creation of an app ID, hoping that would solve my problem. I initially made my attempts in France before testing East US… in vain.

Thanks again for these suggestions.

Answer 2

Sina Salam 24,096 Volunteer Moderator

Hello oblin denis,

Welcome to the Microsoft Q&A and thank you for posting your questions here.

I understand that your Azure Bot error means that the bot's App Registration is not properly recognized by the Bot Framework directory. Try to do the followings:

Verify App Registration and confirm the App ID matches the one in your .env file, and make sure the app is listed and not deleted or expired.

Set Correct Tenant Authority in your bot’s .env file or adapter config, set:

    MICROSOFT_APP_TYPE=SingleTenant
     MICROSOFT_APP_ID=<Your App ID>
     MICROSOFT_APP_PASSWORD=<Your Secret>
     MICROSOFT_APP_TENANT_ID=<Your Tenant ID>
     MICROSOFT_APP_CHANNEL_SERVICE=https://smba.trafficmanager.net/amer/

In code (Node.js):

   const credentials = new MicrosoftAppCredentials(appId, appPassword, tenantId);
     adapter.credentials = credentials;

This ensures the bot authenticates against your tenant.

Check Redirect URIs to ensure the following URI is present: https://token.botframework.com/.auth/web/redirect This is required for Bot Framework authentication.
Review API Permissions by adding:
- Bot Framework delegated permissions
- Microsoft Graph if needed and "Grant admin consent"
Recreate Bot Registration (if needed) and especially, if the app still isn’t recognized:
- Delete the Azure Bot resource and App Registration.
- Recreate manually via Bot Framework Developer Portal.
- Link the new App ID and secret in Azure Bot resource - https://stackoverflow.com/questions/71031057/microsoft-bot-framework-bot-missing-from-bot-framework-tenant-how-to-add
Use Bot Framework Emulator with App ID and password to test token acquisition and ngrok, and Web Chat to confirm outbound messages work.

I hope this is helpful! Do not hesitate to let me know if you have any other questions or clarifications.

Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful.

oblin denis 0 Reputation points

2025-08-16T18:54:52.7266667+00:00
Thank you for your detailed suggestions. I've tried all of them but still getting error 700016. Here's what I've done:

1. App Registration verified

App ID matches everywhere: d4962f7f-93d6-4714-b43e-91d9a66f9dba

Secret is fresh and correctly set

App exists in Azure AD and is active

2. Environment variables set

MicrosoftAppId=d4962f7f-93d6-4714-b43e-91d9a66f9dba MicrosoftAppPassword=[HIDDEN] MicrosoftAppType=SingleTenant MicrosoftAppTenantId=dedde4dc-161d-418f-a6dd-149c0ea5ed88 MICROSOFT_APP_CHANNEL_SERVICE=https://smba.trafficmanager.net/amer/

3. Redirect URI added

Added https://token.botframework.com/.auth/web/redirect in Authentication settings

4. API Permissions

Added Microsoft Graph: openid, profile, User.Read

Granted admin consent

Note: "Bot Framework" permissions don't appear in the list anymore

5. Multiple recreation attempts

Created bot with automatic App Registration (not manual)

Tried in both Europe and US East regions

Used "Create new Microsoft App ID" option in Azure Bot creation

Results:

Bot receives messages successfully (200 OK in ngrok)

Bot logs show message received

Error 700016 occurs when bot tries to respond

Error message: "Application not found in the directory 'Bot Framework'
Abhilash Hota 5 Reputation points

2025-08-18T01:18:28.4633333+00:00

I am having the same problem. Tried every suggestion. Still the same error.
Sina Salam 24,096 Reputation points Volunteer Moderator

2025-08-18T09:15:00.8233333+00:00
Hello oblin denis,

Thank you for your feedback. Abhilash Hota, welcome and thank you for letting us know.

If Vinodh247 and my responses keep the error alive then, there are two things happening:

Wrong setting for Channel Service / OAuth scope

Outdated “Bot Framework permissions” advice

I will advise you do the followings for permanent fix:

Remove MICROSOFT_APP_CHANNEL_SERVICE (and any ChannelService/OAuthScope/ChannelAuthTenant) from env/app settings. For Public Azure, leave ChannelService unset so the SDK uses the default scope https://api.botframework.com. - https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-authentication?view=azure-bot-service-4.0

MicrosoftAppType=SingleTenant

MicrosoftAppId=d4962f7f-93d6-4714-b43e-91d9a66f9dba

MicrosoftAppPassword=

MicrosoftAppTenantId=dedde4dc-161d-418f-a6dd-149c0ea5ed88

The redirect URI https://token.botframework.com/.auth/web/redirect is only for user OAuth connections (e.g., SSO), not bot-to-channel auth; it won’t fix 700016 either way. Understand that this will not resolve the issue - https://learn.microsoft.com/en-us/azure/bot-service/ref-oauth-redirect-urls?view=azure-bot-service-4.0

Make sure you’re using CloudAdapter + ConfigurationBotFrameworkAuthentication (SDK v4) rather than hand-rolling credentials. Example (Node/TS minimal idea) to support auth wiring in ts code :

import { CloudAdapter, ConfigurationBotFrameworkAuthentication } from 'botbuilder';

const auth = new ConfigurationBotFrameworkAuthentication(process.env);

const adapter = new CloudAdapter(auth);

This makes the SDK honor MicrosoftAppType/Id/Password/TenantId and the default public-cloud OAuth scope. (BotFrameworkAdapter + custom creds and “channelService” overrides are deprecated/error-prone.) - https://learn.microsoft.com/en-us/javascript/api/botbuilder/botframeworkadaptersettings?view=botbuilder-ts-latest

From any shell, request a token from your tenant for the Bot Service resource:

POST https://login.microsoftonline.com/dedde4dc-161d-418f-a6dd-149c0ea5ed88/oauth2/v2.0/token grant_type=client_credentials client_id=d4962f7f-93d6-4714-b43e-91d9a66f9dba client_secret=YOUR_SECRET scope=https://api.botframework.com/.default

If this returns an access_token, your app/secret are good and the issue is not the App Registration but how the bot/SDK was requesting tokens (Step 1). The resource to request is documented as https://api.botframework.com for public cloud. - as in the first link.

In the Azure Bot resource > Configuration > Microsoft App ID, click Manage and Switch to another app registration. Then pick the same app (d4962f7f-...) or, if you prefer, create a new manual app registration (Single tenant), then select it here. Save. This step forces Bot Service to (re)create the service principal it uses to recognize your bot when validating your outgoing token. (This is the reliable workaround when the portal’s automatic registration didn’t sync.) This will force the Azure Bot resource to (re)link your App ID - https://learn.microsoft.com/en-us/azure/bot-service/bot-service-quickstart-registration?view=azure-bot-service-4.0

Importantly: Don’t hardcode the smba… URL anywhere. The SDK will read the serviceUrl from the incoming activity and send the reply to that URL (examples in docs show smba.trafficmanager.net/{region} in the request path that’s expected). This will help to Redeploy/restart and test the right thing - https://learn.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-connector-api-reference?view=azure-bot-service-4.0 So, send a message from Teams/Web Chat and confirm the bot now replies.

Answer 3

Abhilash Hota 5

I recreated the app id and it worked for a day. Then it stopped working again.

Share via

Azure Bot automatic App Registration not syncing with Bot Framework directory - Error 700016

3 answers

Your answer