Cannot register Application ID URI api://{instance}.service-now.com/{client_id}

Larry Lau 116

I am establishing integration between our Microsoft Teams instance and our ServiceNow instance. One of the step is to register a single-tenant application in our Azure AD with Application ID URI in the following format api://{instance}.service-now.com/{client_id}

However, I keep getting the following error message:
Failed to update application property. Error detail: The host name should not be based on already owned domain paramName.

ServiceNow is a SaaS application hosted by ServiceNow at {our_instance}.service-now.com so I don't own the service-now.com domain and I can't add this domain as a custom domain in our Azure AD tenant. I can't change where it is hosted either.

MS Teams expects the Application ID URI in the above format in order for SSO to work. As they use this value to ensure your request is coming from the same domain.

I contacted ServiceNow technical support and was told to contact Azure support. I am not sure who is responsible to make this work. Any suggestion what I can try?

Emily Hua-MSFT 27,466 Reputation points

2021-02-15T01:21:17.37+00:00

anonymous user-lau
As this issue is not about Office deployment, so I removed tag "office-it-pro".
Thanks for your understanding.
John D 1 Reputation point

2021-02-24T15:22:48.737+00:00

I am having the same issue when going through the service-now documentation.

Accepted answer

Larry Lau 116 Reputation points

2021-02-26T07:00:05.62+00:00

Turn out that the Azure AD team has rolled out additional logic recently. The workaround is to use https:// instead of API://

So your Application ID URI should have this format https://{instance}.service-now.com/{client_id}

You will use this as your Client ID to match accordingly in ServiceNow.
Please sign in to rate this answer.
Adrian Herdan 1 Reputation point

2021-03-09T06:44:03.437+00:00

Hi Larry,

Where you able to configure the ServiceNow Teams HUB using the solution above? Any tips and tricks? We are still getting an error.

Thank you,
Adrian

Larry Lau 116 Reputation points

2021-03-09T15:47:04.827+00:00

Hi Adrian,

Yes, I am able to set up ServiceNow Your Hub in MS Teams. The workaround is to use https:// instead of api:// in the Application ID URI

In the Edit a manifest file step, change the resource property to match your Application ID URI

"webApplicationInfo": {
"id": "xxxxxxx-xxx-xxx-xxx-xxx",
"resource": "https://{your-instance}.service-now.com/xxxxxxx-xxxx-xxxx-xxx-xxxxxxxxx"
},

In the Verify and update application registry values step, sure the Client ID field, change that to match your Application ID URI as well.

Then follow the rest of the installation instructions. That is.

kapil Mahalingam 1 Reputation point

2021-03-16T18:43:48.54+00:00

Hi Larry-lau

Edit manifest file, How to set the resource property in manifest file ? What I did is manually edited the XML file and loaded it in teams.. but am getting user not authorised error?

Narasinha Kamath 1 Reputation point

2021-05-06T14:49:55.367+00:00

Hi anonymous user-lau
I am trying to Set the App ID URI in Azure as part of ServiceNow for Teams setup.
When I enter https://{instance}.service-now.com/{client_id}, to set Application ID URI in Azure, I am getting a different error. as below.
"Failed to update Application ID URI application property. Error detail: The Application ID URI must be from a verified domain within your organization's directory."

Any idea, what I configuration I am missing?

Larry Lau 116 Reputation points

2021-05-06T15:40:43.6+00:00

Hi @Narasinha Kamath ,

It appears Azure AD team has fixed the issue. You should be able to use api://{instance}.service-now.com/{client_id} as documented here.
Sign in to comment

4 additional answers

Rama-MSFT 176 Reputation points

2021-02-15T07:43:02.717+00:00

Hi anonymous user-lau,

Currently using Domain as *.azurewebsites.net is not supported. Could you please check this docs for more info. Also check the below screen shot.
Please sign in to rate this answer.
Larry Lau 116 Reputation points

2021-02-15T19:08:10.853+00:00

I do understand that the azurewebsites.net domain is not supported. I thought I was very clear that my domain is {instance}.service-now.com. This is because service-now is a SaaS application. We are a customer of ServiceNow and we don't have control over the domain name here. I don't work for ServiceNow.

On the other hand, the second restriction seems relevant.

The instruction for setting up the integration for ITSM with Microsoft Teams is impossible to follow due to this restriction.

It seems overly restrictive since it doesn't consider the SaaS scenario where application is hosted on domain other than your AD tenant. It only accounts for enterprises registering their own app and has control over the domain name.

Rama-MSFT 176 Reputation points

2021-02-25T07:03:04.74+00:00

Hi anonymous user-lau,

Could you please confirm whether you are trying to use application uri id some where else?
Sign in to comment
Adrian Herdan 1 Reputation point

2021-02-22T06:58:59.173+00:00

I am experiencing the exact same issue with a customer. We originally were able to set it up on our own tenant 3 weeks ago, then about 2 weeks ago we got the same issue when doing the setup for a customer, tried doing it again on our own instance and got the same error. Is there any solution for this?
Please sign in to rate this answer.

0 comments No comments
Sign in to comment
Adrian Herdan 1 Reputation point

2021-03-10T16:49:06.007+00:00

Thank you Larry! Much appreciated! I was able to setup the HUB.
Please sign in to rate this answer.
kapil Mahalingam 1 Reputation point

2021-03-17T06:08:47.863+00:00

Hi Adrian

Could you please share the steps ? Am still getting an error “issue with authorising error” where and all do we need to change the URI ?

Thanks in advance
Kapil

kapil Mahalingam 1 Reputation point

2021-03-17T06:11:11.507+00:00

Hi Adrian

Could you please share the steps where do we need to update the resource ID in serviceNow , we are getting an error user authorisation fails..

Thanks in advance
Kapil

Narasinha Kamath 1 Reputation point

2021-05-06T14:50:54.623+00:00

Hi @Adrian Herdan
I am trying to Set the App ID URI in Azure as part of ServiceNow for Teams setup.
When I enter https://{instance}.service-now.com/{client_id}, to set Application ID URI in Azure, I am getting a different error. as below.
"Failed to update Application ID URI application property. Error detail: The Application ID URI must be from a verified domain within your organization's directory."

Any idea, what I configuration I am missing?
Sign in to comment
Shivaji Varma 1 Reputation point

2021-04-23T05:26:05.03+00:00

Can you please retire this article? As issue is now fixed.
Please sign in to rate this answer.

0 comments No comments
Sign in to comment