That is because "IN" expects a table and you're giving it a string. Even with the "like" as suggested it would be very sloppy and your results won't be accurate at all.
You'd need something like the following to convert the string to a table for it to work:
CREATE FUNCTION [dbo].[split] (
@sourcestring varchar(8000),
@spliton varchar(1)
)
RETURNS @split table(value sql_variant)
AS
BEGIN
while (charindex(@spliton,@sourcestring)>0)
begin
insert into @split
select value = ltrim(rtrim(substring(@sourcestring,1,charindex(@spliton,@sourcestring)-1)))
set @sourcestring = substring(@sourcestring,charindex(@spliton,@sourcestring) + len(@spliton),len(@sourcestring))
end
insert into @split select value = ltrim(rtrim(@sourcestring))
RETURN
END
And then call it like this:
DECLARE @ContentIDs VARCHAR(MAX);
SELECT @ContentIDs = 'e28faa48-adea-484d-9d64-ba1e1c67eea3,8338A6DE-8CDF-4F52-99CE-62E2B107FF97'
SELECT * FROM [Content] WHERE [ID] IN (select value from dbo.split(@ContentIDs,','))