I've registered an app in Azure AD and can successfully authenticate users against it while running on localhost.
The Azure AD app's Redirect URI is set to https://localhost:44352/sigin-oidc and the Logout URI is https://localhost:44352/signout-oidc
If I deploy my MVC app to Azure the host name will be different from "localhost". Do I have to register another app for deployment or just add a second redirect URI? But what about the logout URL then - only one can be configured there?
Second redirect URI. Here are some pointer on restrictions on redirect URIs.
Logout URI is only relevant to your application. Not the application registration.
If you are referring to the post_logout_redirect_uri, as described here - it must registered in the redirect_uris as well:
Or if you consider the logoutUrl as described in the Manifest - that is only used when you perform a Single-sign-out of all web apps, as described here. Frankly, there are very few reasons to use the single sign out capability of Azure AD. And, it requires of course that all apps are configured for single sign out.
