Error AADSTS50011 re empty reply address using Azure AD B2C and Azure AD

1
votes

I'm trying to configure Azure AD B2C to use Azure AD (org-owned) as an IDP using the instructions here: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-aad-custom. I believe I've completed all the steps but when trying log in using an AAD account (using the "Run now endpoint"), after entering the username and password I get the error

AADSTS50011: Reply address '' specified by the request is not a valid URL. Allowed schemes: 'http,https'

I understand in general what a reply address is, but I don't know where the (apparently empty) reply address is being found. I verified that the AAD App registration representing AAD B2C has a reply URL defined, and that the B2C Application representing the actual web app has a reply URL defined. I've also verified that the same B2C tenant allows login through another defined IDP (MSA accounts).

Any suggestions as to where to start looking?

thanks

Martin

1
azure-active-directoryazure-ad-b2c
When you are going through the Authentication Process, what Reply URL are you sending as the User logins in? Note redirect_uri is one of the properties you need to send, and likely that is where you are making a mistake if you validated your app object has all the right properties. - Shawn Tabrizi
Does this other answer help you out? - Chris Padgett
@ChrisPadgett - I don't think so, I've verified both the items mentioned in that answer. - M Herbener
@ShawnTabrizi - I am initiating the authentication by navigating to the "Run now endpoint" provided within the AAD B2C console for my AAD-specific policy; the URL includes a 'redirect_uri' parameter (pointing to localhost) whose value appears to match a reply URL defined for an app registered in the B2C tenant. - M Herbener
Can you share the exact parameter being sent? Can you also share the exact configuration you have set up for Reply URL? - Shawn Tabrizi

1 Answers

0
votes

The reply URL that you input when you register an app in your Azure AD tenant (not Azure AD B2C tenant) is case sensitive. Make sure everything is lowercase.