I created a blazor server app like this:
That works fine on my local machine. However, when deploying the website to azure I get the following error message: AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application
In the azure portal I navigated to the enterprise application that was automatically created during the project creation in visual studio. However, the "Homepage URL" is readonly.
How can I make this work?
Method 1:
Instead of Enterprise application go to App registration click on Authentication under Manage group, in Authentication Menu you can specify redirect URL.
Method 2:
You can modify application manifest for redirect URL and save it after modification.
Considering AAD application is created using your own account you should be owner of this application and can be able to modify it.
Let me know for any question, happy to help!
Related
I'm trying to add some authentication to my bot i followed this article link to do it and i used the AuthBot sample to test it
1- created azure identity provider
2- created connection in azure bot app service for the Azure active directory 2 provider
3- run the bot and test it
and it worked fine and when i tried to use it for first time it redirect me to this page
and i want to allow the user to request access approval and i followed this doc link
but nothing changed and the bot stile redirect me to this page.
is there is something missing?
You need to grant admin consent!
I have a web forms application which I developed for testing Authentication/Authorization scenarios. While creating the test project, I selected "No Authentication" which created my project to have no authentication mechanism code. I published the web site to my azure tenant and enabled the Azure Active Directory Authentication from the "Authentication / Authorization" under features. I created an Azure AD app pointing to my web application. After hitting the default page, the app now authenticates and everything seems to work fine.
However, when I run the app locally from within Visual Studio, I am not able to get the user information as there are no appropriate headers available, eg X-MS-CLIENT-PRINCIPAL-NAME. My next step was to call the graph API to get the detailed user information.
NOTE: I am able to include the OWIN code in my web project to authenticate users, but I want minimal code change to my existing on-prem windows authentication application.
Any help / guidance
However, when I run the app locally from within Visual Studio, I am not able to get the user information as there are no appropriate headers available, eg X-MS-CLIENT-PRINCIPAL-NAME. My next step was to call the graph API to get the detailed user information.
This is expected. The X-MS-CLIENT-PRINCIPAL-NAME header (and related headers) is added by the Authentication / Authorization module which runs in app service. when you run locally from Visual Studio, you won't have this module and thus won't have this request header.
If you want to use the same code both locally and in App Service, instead of looking at the request headers, I suggest using .NET APIs which surface up user information, such as ClaimsPrincipal.Current.Identity.Name. This should be populated correctly whether you're using Windows Authentication locally or Authentication / Authorization in Azure App Service.
You can find more information about the underlying mechanics of Authentication / Authorization here: https://cgillum.tech/2016/02/01/architecture-of-azure-app-service-authentication-authorization/.
I've developed a web app that uses Azure B2C authentication based on the sample code you can download. It all works when I am developing / debugging but I get a redirect_uri_mismatch error when I click on the 'Sign In' button after I have deployed the app to Azure App Services and I updated the Redirect URL in the B2C application, any idea why? It does not even load the Azure UI
Documentation on the topic is VERY thin, probably because it is still in preview...
You can use CallbackPath to set the correct route when authentication is successful
Example:
options.CallbackPath = new PathString("/account/ExternalLogin");
I found the problem, I forgot to update the web.config file when I deploy the code. You need to set the web.config correctly according to the redirect url
I had an Azure Website that was setup and was using PHP and WordPress.
I wanted to use the same name for a site that would be running node and deployed from github, so I deleted the first site and recreated it with my new information.
Now when I try to run azure site log tail mysite, I get back html that basically says 401 - Unauthorized: Access is denied due to invalid credentials..
I have other Azure Websites running under this same account/subscription that work fine and I can see my console.log messages when running tail. I even have one that is deployed from the same github repo/branch, so the code isn't any different.
The only difference is that another person setup the site when it was the PHP site. But I used my account when deleting and recreating.
Thanks.
Since the website was created by another person, I suggest you reset its credentials.
Open the Windows Azure Management Portal.
Go to the website's dashboard.
Click on "Reset your deployment credentials" and reset the username and password.
Click on "Reset your publish profile credentials".
Click on "Download the publish profile" and configure the command-line tools with the new profile, username and password.
ACS50001: Relying party with identifier https://localhost:44304/ was not found when I try to sign-in with my web site against WAAD.
What might I be doing wrong here? I've tried this over and over, following the instructions carefully:
Create ASP.NET 4.5 MVC web site in VS2012, Intranet template.
Configure web app for SSL - Enable SSL, and set startup URL to https://localhost:44304
Register app in Azure portal under Integrated Apps - App URL, App ID URI, and Reply URI all set to: https://localhost:44304/
Run Identity and Access against VS2012 project.
Copy metadata fields from WAAD portal into wizard, and click OK:
STS metadata document path: https://login.windows.net/06c6c283-5c4b-40c5-ac5c-21d2ff4364a3/FederationMetadata/2007-06/FederationMetadata.xml
App ID URI: https://localhost:44304/
When I launch app (first time, or after a reboot), I get the expected sign-in dialog. After signing in as one of my users, I get the ACS50001 error described above. If I try subsequently to again run the app, I get the error ACS50001 immediately (no sign-in dialog).
Any advice would be very much appreciated!
I had a similar problem and I solved it by making sure my Relying party and app URI were an exact match. I had a trailing slash on the relying party (or audienceUri) that I needed to remove.
i had similar problem.
and i solved it by giving permisssion to Application.
Follow below steps:
Go to Azure Portal - then Click on Azure AD
Go to your Applications
Click on Configure
Move to last Section - permissions to other applications
Click on Application Permission in Window Azure Active Directory Row
Select your permission.
And then Click on Save
Here i am attaching below screenshot , which shows where i have set my permission
May be you need to specific a view to the URL
https://localhost:44304/callback