MSAL-broswer Login Redirect (Reply) URI Mismatch

Question

I am currently experiencing a configuration issue with my website utilizing the @azure/msal-browser package for website authentication. I obtained the following error when I authenticate and attempt to redirect to the redirectURI. My redirectURI is registered in the app registration Azure site.

Error Message when logging into my website:

AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '{clientId}'

Configuration options:

const msalConfig = {
  auth: {
    clientId: "{clientId}",
    authority: "https://login.microsoftonline.com/" + tenantId + "/",
    redirectUri: "{redirect URI}" // stored in app registration in Azure for authentication matching
  },
  cache: {
    cacheLocation: "sessionStorage", // This configures where your cache will be stored
    storeAuthStateInCookie: true, // Set this to "true" if you are having issues on IE11 or Edge
  }
}

Azure configuration site options 1:

Azure configuration site options 2:

Azure configuration site options 3:

SouravMishra-MSFT SouravMishra-MSFT · Accepted Answer · 2021-02-25T15:07:53

you can use the following PS Cmdlet to figure out the replyURLs configured for you app registration in AAD.

Get-AzureADApplication -SearchString {App-Name} | Select AppId, DisplayName, ReplyUrls | ft -Wrap

Make sure you add the exact string in your redirectUri property of your msalConfig object. If you have access to your Azure Portal then you can also check the Authentication blade of your app registration and make sure you are using the exact redirect/reply url configured there in the app registration.

MSAL-broswer Login Redirect (Reply) URI Mismatch

1 Answers