0
votes

I am currently creating an Azure B2C Application, to be used by our company site.

I followed the instructions on the following sites:

https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-app-registration

https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-policies

Specifically, I did the following:

  1. Under "Applications", I created a B2C Application, named "My B2C App"
  2. Generated a key. Noted this down as well as the Application ID
  3. Set the Reply Url to "https://mysite.test.com/login/"
  4. Under "Identity Providers", I selected "Microsoft", and used the Application ID and key in #2
  5. Under "Sign-in Policies", I created a new policy named "B2C_signin1".
  6. Set the Identity Provider to "Microsoft".
  7. Under "Application Claims" I selected "Display Name", "Email Address", "Given Name", "Identity Provider", "Surname", and "User's Object ID"
  8. Once saved, I select the Application "My B2C App", and select the "Reply URL" --> "https://mysite.test.com/login/", which is already there in the dropdown by default.
  9. I click on "Run now".

I get redirected temporarily to the generated URL below:

https://login.microsoftonline.com/mytenant.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_signin1&client_Id=&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fmysite.test.com%2Flogin%2F&scope=openid&response_type=id_token&prompt=login

I then get the error:

https://login.live.com/err.srf?lc=34313#error=invalid_request&error_description=The+provided+value+for+the+input+parameter+'redirect_uri'+is+not+valid.+The+expected+value+is+'https://login.live.com/oauth20_desktop.srf'+or+a+URL+which+matches+the+redirect+URI+registered+for+this+client+application.&state=

Why am I getting this error when the Reply URL I set up for my Application is the same as the one I used in the creation of my policy? Is the way I set up my B2C App correct? Could this be a bug in B2C App creation?

I did follow the instructions in the links above to the letter.

Any assistance on this issue would be appreciated.

1 Answers

4
votes

This is an error from your Microsoft identity provider: the redirect URI of your Microsoft application is not valid. It must be like this: https://login.microsoftonline.com/te/YOURTENANT.onmicrosoft.com/oauth2/authresp

You can find the documentation here: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-msa-app
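
A small diagnostic for the situation in this question and answer, added here as an example (it is not code from the poster, the answerer, or Microsoft). It takes the two URLs quoted in the question, reports which service rejected the `redirect_uri`, and builds the value the answer says the Microsoft application must register; the names `diagnose` and `AUTHRESP_TEMPLATE` are hypothetical.

```python
from urllib.parse import urlsplit, parse_qs

# Redirect URI format given in the answer above; the tenant comes from the authorize URL.
AUTHRESP_TEMPLATE = "https://login.microsoftonline.com/te/{tenant}/oauth2/authresp"

# The two URLs quoted in the question.
AUTHORIZE_URL = (
    "https://login.microsoftonline.com/mytenant.onmicrosoft.com/oauth2/v2.0/authorize"
    "?p=B2C_1_signin1&client_Id=&nonce=defaultNonce"
    "&redirect_uri=https%3A%2F%2Fmysite.test.com%2Flogin%2F"
    "&scope=openid&response_type=id_token&prompt=login"
)
ERROR_URL = (
    "https://login.live.com/err.srf?lc=34313#error=invalid_request"
    "&error_description=The+provided+value+for+the+input+parameter+'redirect_uri'"
    "+is+not+valid.+The+expected+value+is+'https://login.live.com/oauth20_desktop.srf'"
    "+or+a+URL+which+matches+the+redirect+URI+registered+for+this+client+application."
    "&state="
)

def diagnose(authorize_url, error_url):
    """Report which registration rejected the redirect_uri and what to register."""
    auth = urlsplit(authorize_url)
    err = urlsplit(error_url)
    # The B2C authorize URL carries the tenant as its first path segment.
    tenant = auth.path.strip("/").split("/")[0]
    # This is the B2C application's Reply URL, not the one the IdP checks.
    app_reply_url = parse_qs(auth.query)["redirect_uri"][0]
    # The error page returns its details in the URL fragment, form-encoded.
    fragment = parse_qs(err.fragment, keep_blank_values=True)
    return {
        "error": fragment.get("error", [""])[0],
        "description": fragment.get("error_description", [""])[0],
        # A different host means the upstream identity provider raised the
        # error, so the B2C application's own Reply URL is not the culprit.
        "raised_by_idp": err.hostname != auth.hostname,
        "b2c_app_reply_url": app_reply_url,
        "idp_redirect_uri_to_register": AUTHRESP_TEMPLATE.format(tenant=tenant),
    }

if __name__ == "__main__":
    for key, value in diagnose(AUTHORIZE_URL, ERROR_URL).items():
        print(f"{key}: {value}")
```

The output separates the two registrations involved: the Reply URL on the B2C application, which the question configured, and the redirect URI on the Microsoft application behind the identity provider, which is the one the error refers to.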