Exception AADSTS50011 is thrown when using azure ad authentication

0
votes

I have been developing a C# MVC application. Using azure ad to authenticate the users.

But when deployed on IIS, it can only works when accessing the website by "https://localhost". But an error is thrown when accessing the website by "https://machinename".

AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '4e392b7a-####-####-####-####'.


2 urls are configured on the azure ad authentication:
https://machinename/
https://localhost/

The configuration in the file web.config:

<add key="ClientId" value="4e392b7a-####-####-####-############" />
<add key="Tenant" value="72f988bf-####-####-####-############" />
<add key="Authority" value="https://login.microsoftonline.com/{0}/v2.0" />
<add key="RedirectUri" value="https://machinename/" />
<add key="PostLogoutRedirectUri" value="https://machinename/KeepAlive/SignOut" />
1
authenticationazure-active-directory
I wrote an answer on this a while back. You need to check that EVERYWHERE the reply URL is specified it matches exactly. Does the registered app in azure match the app config settings? stackoverflow.com/questions/49611677/…S. Walker
If my answer is helpful for you, you can accept it as answer( click on the check mark beside the answer to toggle it from greyed out to filled in.). See meta.stackexchange.com/questions/5234/… This can be beneficial to other community members. Thank you.Carl Zhao

1 Answers

0
votes

According to your error message, you must ensure that the reply URL in the Azure portal is exactly the same as the reply URL configured by the application.

I have answered similar questions before, There is a general solution to the problem of not match:

When you visit the application url , you will be redirected to the login page. Decode the authorization request URL, you will find redirect_uri, copy the value of redirect_uri and paste it into the azure portal, and try again.

enter image description here

Update:

Thanks for the solution provided by @Tom. For this error, you also need to add the port :

https://machinename/{port}
https://localhost/{port}