Swift - Firebase Auth with Microsoft Graph (Redirect URL Problem)

1
votes

I'm having a problem integrating Firebase with Microsoft Auth in my iOS App.

The login page has been launched and I can sign in by Office365 account but login auth can not be finished because of the below Error : 

"AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application:[app-id]"

I did check the setting in Firebase and below are the settings I add in the app of Azure Active Directory :

  1. Web redirect URL : "*.firebaseapp.com/__/auth/handler"
  2. Supported account types : "Accounts in any organizational directory (Any Azure AD directory Multitenant)"

Here are the swift code I implement : 

provider = OAuthProvider(providerID: "microsoft.com")
provider?.customParameters = ["prompt": "consent", 
                              "login_hint": "Login Hint"]

provider?.scopes = ["mail.read", "calendars.read"]

provider?.getCredentialWith(_: nil){ (credential, error) in

    if let credential = credential {

        Auth.auth().signIn(with: credential) { (authResult, error) in
            if let error = error {
                print(error.localizedDescription)
            }
        }
    }
}

Does anyone know how to solve the problem or have the same problem?

1
iosswiftfirebasefirebase-authenticationazure-active-directory
Unrelated to your issue with the reply URL (you already have an answer to that below): you should not be including the prompt=consent custom parameter. This will cause issues for you application.Philippe Signoret
@PhilippeSignoret What kind of issues will be caused if I include prompt=consent? (e.g.force users to provide consent?)Liling Chen
In many organizations, users are not allowed to consent. In these organizations, admins will consent on behalf of all users. But even when an admin has already consented on behalf of all users, if you force consent with prompt=consent users will be blocked (because they're not allowed to consent, and your app is forcing them to re-consent). You should only use prompt=consent when you have established that the permissions your app requires have not already been granted.Philippe Signoret
@PhilippeSignoret Noted and will be careful in future usage!! Thank you so much for reminding me.Liling Chen

1 Answers

0
votes

When registering apps with these providers, be sure to register the *.firebaseapp.com domain for your project as the redirect domain for your app.

Have you replaced * with your projectName? You can find your Authorized Domain under Authorized Domains in firebase console. The redirect uri should be something like 

https://yourFirebaseApp.firebaseapp.com/__/auth/handler