Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

b2clogin.com not working as redirect URI #34383

Closed
PaoloCastAway opened this issue Jul 2, 2019 — with docs.microsoft.com · 4 comments
Closed

b2clogin.com not working as redirect URI #34383

PaoloCastAway opened this issue Jul 2, 2019 — with docs.microsoft.com · 4 comments
Assignees
@frankhu-2021
Labels
active-directory/svc B2C/subsvc cxp doc-bug Pri2 triaged

Comments

@PaoloCastAway docs.microsoft.com
Copy link

I followed the instructions on this page, but https://your--B2C-tenant-name.b2clogin.com/your-B2C-tenant-name.onmicrosoft.com/oauth2/authresp doesn't work as Redirect URI: after successful authentication, I get "AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application".
To make it work, I have to use https://login.microsoftonline.com/te/your-B2C-tenant-name.onmicrosoft.com/oauth2/authresp (please note the "te" segment in the URL)

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
@frankhu-2021
Copy link

@PaoloCastAway Thanks for your feedback! We will investigate and update as appropriate.

@frankhu-2021 frankhu-2021 self-assigned this Jul 2, 2019
@frankhu-2021
Copy link

@PaoloCastAway the reply URL is whatever the reply url you include in the parameter URL. So the issue is that you're sending the "te" in your request when logging in. Can you please double check that you have the correct reply url configured in the parameters of your request?

@frankhu-2021
Copy link

@PaoloCastAway As there hasn't been a response in quite some time I will be closing out this github issue, please reopen the issue and let us know if you have anymore questions.
Thanks!

@PaoloCastAway
Copy link
Author

Well, I think I didn't make myself understood. @FrankHu-MSFT, I beg your pardon. Let me try to give a better explanation.

So: in the context of this document, "application" is not something I'm developing, the "application" role is played by B2C. In order to accept identities from a plain Azure AD Tenant (by means of OpenID Connect), B2C needs us to create an App Registration in the target Azure AD Tenant . So, the reply URL is not emitted by my application, nor by my code; it's emitted by B2C itself, and as a dev I've no control on this URL. So, I had to sniff the actual Reply URL built by B2C when it's performing the OpenID Connect flow, and this Reply URL was not shaped as https://your-B2C-tenant-name.b2clogin.com/your-B2C-tenant-name.onmicrosoft.com/oauth2/authresp, on the contrary it's shaped as https://login.microsoftonline.com/te/your-B2C-tenant-name.onmicrosoft.com/oauth2/authresp

Anyway, this happened in July '19. Today (Sep '19) the https://your-B2C-tenant-name.b2clogin.com/your-B2C-tenant-name.onmicrosoft.com/oauth2/authresp is working fine, so the document is now aligned with the actual behavior. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@frankhu-2021 frankhu-2021

Labels
active-directory/svc B2C/subsvc cxp doc-bug Pri2 triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@frankhu-2021 @PaoloCastAway @PRMerger17 @PRMerger18