Javascript - AADSTS900971: No reply address provided. on SPA with http://localhost as redirect_uri

artragis
December 5, 2023
168 views
0 votes
2 Answers

I am currently starting a Vue SPA application to join MS PowerBI and wanted to authentication with Microsoft.

In azure portal, we registered an application client as SPA and we gave http://localhost as redirect URI.

Then, on my view app, I run this code:

const formUrl = `https://login.microsoftonline.com/${values.tenantId}/oauth2/v2.0/authorize`
  const params= {
    client_id: values.clientId,
    redirect_uri: "http://localhost:3000",
    response_type:"code",
    response_mode:"query",
    scope:"https://analysis.windows.net/powerbi/api/.default",
    state:"mystate",
    prompt: "consent"
  }
  const url = new URL(formUrl)
  Object.keys(params).forEach(k => url.searchParams.set(k, params[k]))
  window.location=url.href ;

However, the login page always answers AADSTS900971: No reply address provided.

What can I do?

As asked in the comments, here is the configuration of my SPA

Answers

Chosen as BEST ANSWER
- artragis
- December 5, 2023 at 12:04 pm
- 0 votes
0
Following the advices in comments, I applied the solution found on https://learn.microsoft.com/en-us/answers/questions/1357913/aadsts900971-no-reply-address-provided-error-when. The configuration of callback uri must be Web instead of SPA.

The reason behind this seems to be this:
- The Single-page application platform specification (and its redirect URI type) supports both the auth code flow with PKCE and the implicit grant flow.
- The Web platform selection, when used by a single-page app, supports only the implicit grant flow.

(Edit)

- Sridevi
- December 5, 2023 at 4:27 pm
- 0 votes
0
The error occurred as you are using authorization code flow by setting redirect_uri as SPA but it supports either authorization code flow with PKCE or implicit grant flow.

To resolve the error, you can switch to authorization code flow with PKCE or remove SPA redirect URI and add it in Web platform in your app registration like this:

When I ran the Vue app now, it asked me to login where I got below consent prompt after signing in:
```
const formUrl = `https://login.microsoftonline.com/${values.tenantId}/oauth2/v2.0/authorize`
  const params= {
    client_id: values.clientId,
    redirect_uri: "http://localhost:3000",
    response_type:"code",
    response_mode:"query",
    scope:"https://analysis.windows.net/powerbi/api/.default",
    state:"mystate",
    prompt: "consent"
  }
  const url = new URL(formUrl)
  Object.keys(params).forEach(k => url.searchParams.set(k, params[k]))
  window.location=url.href ;
```
Once consent prompt is accepted, it redirected with code in address bar successfully like this:

If you prefer generating access token using authorization code flow with PKCE, you can check this SO thread by me where I generated token via Postman.

Reference:
AADSTS900971: No reply address provided. error when redirectURL is set and matches with request. – Microsoft Q&A by Shweta Mathur
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.

Javascript – AADSTS900971: No reply address provided. on SPA with http://localhost as redirect_uri

Answers