After deploying my Azure AD integrated app to IIS I can’t log in anymore.

The app is configured on xxx.abc.com with the following settings in Azure AD
When I try to log in by going to https://xxx.abc.com I get the following message:

AADSTS50011: The redirect URI ‘https://xxx.abc.com/signin-oidc’ specified in the request does not match the redirect URIs configured for the application ‘XXXXX-118d-4041-8117-XXXXX’. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this. More details: Reply address did not match because requested address had a trailing slash.

Reading this error it makes me think the error is due to the trailing dash in the Azure AD configuration as shown in the image "https://xxx.abc.com/signin-oidc/". The thing is, if I try to remove the trailing dash it says "The path of the url does not end with ‘/’" and it doesn’t allow me to save the change.

I’ve tried all kinds of variations of the urls but to no avail.

The current configuration does work (!) when debugging with Visual Studio at https://localhost:7098/.

2 Answers

  1. Chosen as BEST ANSWER

    I eventually solved the problem by adding a trailing dash to the callback path in appsettings.json

    "CallbackPath": "/signin-oidc/"
    

  2. The error "AADSTS50011" usually occurs if the redirect URI the application is redirected to doesn’t match the redirect URI registered in the application.

    Make sure to deploy the Azure web app in Azure Active Directory and make sure to add the Uri:

    Go to Azure Portal -> Azure Active Directory -> App Registrations -> New Registration

    Check whether the redirect Uri matches like below:

    Go to Azure Portal -> Azure Active Directory -> App Registrations -> Your App -> Authentication

    Or copy the redirect Uri from the error message and add the copied redirect Uri in your Azure portal application and save.

    Otherwise please try following this Microsoft QnA by AmanpreetSingh-MSFT.

    • Try updating the Uri as AppURL/signin-oidc as mentioned in this SO Thread by Wayne Yang.

    If the issue still persists, refer to the links below, which might give you a pointer to solve the error:

    Identity Error AADSTS50011 Azure AD by Ben Murphy Dev Blog

    How to fix "AADSTS50011: The reply address does not match the reply addresses configured" by Antti K. Koskela
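
Added example, not part of the original thread or of any Microsoft tooling: a pre-deployment check that builds the redirect URI the app will send from its public origin plus `CallbackPath`, then compares it character for character with the registered URIs, the way the AADSTS50011 message above describes the comparison. The `AzureAd` section name, the function names and the sample values are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample inputs modelled on the question (not real tenant data).
APPSETTINGS = '{"AzureAd": {"CallbackPath": "/signin-oidc"}}'
REGISTERED = ["https://xxx.abc.com/signin-oidc/",
              "https://localhost:7098/signin-oidc/"]


def requested_redirect_uri(public_origin, appsettings_json, section="AzureAd"):
    """Redirect URI the app sends: public origin + CallbackPath (assumed layout)."""
    callback = json.loads(appsettings_json)[section]["CallbackPath"]
    return public_origin.rstrip("/") + callback


def diagnose(requested, registered):
    """Return ('match', uri) or ('mismatch', [(registered_uri, reason), ...])."""
    if requested in registered:          # exact string comparison, no normalisation
        return "match", requested
    req = urlsplit(requested)
    findings = []
    for uri in registered:
        reg = urlsplit(uri)
        if (req.scheme, req.netloc.lower()) != (reg.scheme, reg.netloc.lower()):
            reason = "different scheme, host or port"
        elif req.path == reg.path:
            reason = "same path; host case or query string differs"
        elif req.path.rstrip("/") == reg.path.rstrip("/"):
            reason = "trailing slash differs"
        elif req.path.rstrip("/").lower() == reg.path.rstrip("/").lower():
            reason = "path case differs"
        else:
            reason = "different path"
        findings.append((uri, reason))
    return "mismatch", findings


if __name__ == "__main__":
    uri = requested_redirect_uri("https://xxx.abc.com", APPSETTINGS)
    print(uri, diagnose(uri, REGISTERED))
```

Run against the deployed host name as well as the local one: a registration list that satisfies `https://localhost:7098` says nothing about whether the production entry matches.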
