AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application: ''

Question

I have a .NET Core 2 app template that is configured to use Azure AD out of the box.

The configuration is:

{
  \"AzureAd\": {
    \"Instance\": \"https:         


        

Answer 1

Besides the reply urls in Authentication settings, another setting is the "Supported account types" (which is readonly after created).

You should choose option as below when you created APP Registration

Then you should have the account type as below

Rather than this, it doesn't work

Answer 2

In some case, azure to use the 'www' on the url, even if you especific the url on the portal without 'www'. Use "https://www.mysite.co/signin-oidc" instead "https://mysite.co/signin-oidc" in your redirectUri variable.

Answer 3

You can refer to this Sample to rebuild your .NET core App and publish to the Azure.

There are some NOTES you need to pay attention to :

1. you need to change the port from 5000 to the effective one. Currently, it should be 61659. So, when you do a test in your localhost, you can set the reply URL in the AAD App with http://localhost:61659/signin-oidc

2. Update these URLs if you configure the app for production use or If you publish the App to Azure Web App, you should change the Reply URL in both App config file and AAD Application to be <AppURL>/signin-oidc

For example, https://www.contoso.com/signin-oidc or https://Myapp.azurewebsites.net/signout-oidc.

Answer 4

Small thing, but at the Web Tenant, at custom domains settings HTTPS Only option should be turned on depending on URLs used by the site. I had the same problem, as at the login, the redrect_uri=http://sitename was concatenated instead of https. Enabling this option resolved my authentication issue.

Answer 5

Make sure services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); must below the Authentication configuration.

services.AddAuthentication(options =>
{
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddOpenIdConnect(options =>
{
    options.Authority = "";
    options.ClientId = "";
    options.ResponseType = OpenIdConnectResponseType.IdToken;
    options.CallbackPath = "";
    options.SignedOutRedirectUri = "";
    options.TokenValidationParameters.NameClaimType = "name";
})
.AddCookie();

I was facing the same error due to having added AddMvc() before the AddAuthentication() extension method.

Answer 6

If you use React- Native. Able to check the web portal: https://portal.azure.com/.

iOS: {YOUR_BUNDLE_IDENTIFIER}://{YOUR_BUNDLE_IDENTIFIER}/ios/callback

Android: {YOUR_APP_PACKAGE_NAME}://{YOUR_APP_PACKAGE_NAME}/android/callback

pls refer with image below.

enter image description here