Can I use the same AAD AppID for two applications

Question

I created two application instances [Dynamics 365 Finance and Operations] for prod and test environments. I'm now getting the following error.

Unable to get the channel information Detail Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: AADSTS700027: Client assertion contains an invalid signature. [Reason - The key was not found., Thumbprint of key used by client: '0DEC01638DF6D70A2D57DFE338ABFC3D6BD45458', Please visit 'https://developer.microsoft.com/en-us/graph/graph-explorer' and query for 'https://graph.microsoft.com/beta/applications/00000015-0000-0000-c000-000000000000' to see configured keys] Trace ID: afa96f28-9dbe-48cb-a569-431f637b1a00 Correlation ID: 8981ef7c-9bd5-427e-bd33-072fc7faca86 Timestamp: 2020-02-05 07:47:17Z ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 401

This log is from the test environment and now it started giving this error after I started creating the production environment using this AAD_AppId: 00000015-0000-0000-c000-000000000000. So my question is, Is it possible to use the same AAD_AppId for two applications.

Answer 1

No, you can't.

The Application ID of an AD App is a GUID across all the Azure AD tenant, you can just use the same Displayname of the AD App for your prod and test environments at most. Eevn they have the same Displayname, they will have different Application IDs.

Besides, the 00000015-0000-0000-c000-000000000000 is the Application ID of the Microsoft application Microsoft Dynamics ERP, it will appear in the Enterprise applications in the AAD tenant which used it, they will have different Object id in different tenant, but they will have the same Application ID.