I mistakenly deleted the Azure AD application linked to my WebApp. Then I wanted to link it to a new one but the Azure AD Settings page keeps loading and looks stuck.
I tried to turn the authentication Off and then On again to see if it would restore the Azure AD to "Not Configured", but it doesn't work.
Here is a picture of my Auth Config:
Here is a picture of my Azure AD Config (nothing is clickable):
For now the only solution I have is to either disable the Auth completely or make a new WebApp. Is this a known bug?
So,
I deleted the application in Azure AD on Friday. Then I noticed the login didn't work anymore the following Monday. And today (Tuesday) it works again. The Auth settings page isn't stuck anymore and I could easily go in the "Advanced" tab and switch the ClienId to a valid one.
Not sure what the issue was, but it's fixed now.
Related
Since yesterday I can't add and application to my tenant or look at the properties of an already added application.
Also if I try to delete the directory I can't because it says I have to delete all the applications in the directory first, when I click to view the applications.... there are none...
Is there a problem going on with the service? Is there somewhere else I can find about this?
#Martin. It was a service issue. You can use B2C service blog
https://blogs.msdn.microsoft.com/azureadb2c/2018/11/28/investigating-administrators-are-unable-to-create-new-b2c-applications-or-modify-the-permissions-for-existing-b2c-applications/
Please confirm the issue was fixed for you.
In the past there was both the separate website AND the Azure classic portal for managing Signin Apps. In the Classic portal it would give you the ability to edit the ReplyUrls.
In the new portal no matter how you create an app (Enterprise or Application Registration) you can't edit your ReplyUrls from the UI. (With Application you can set them the first time but then they don't show up in the Application list from then on so it's impossible to edit them)
Meanwhile these same apps can have their replyUrls updated using Powershell without any problem.
To me this is a blocker bug, but maybe I'm doing something wrong? I've successfully gotten only 1 application to show up under application registrations. All others including ones created back in the Azure Classic day show up in Enterprise applications without even the Sign On Option showing up in the list of options for the application per the instructions on Microsoft's website.
I can private message an app Id as an example.
The user experience of the Azure portal changed for the worse (in my opinion).
I also had trouble finding my old apps... turns out they are now "hidden" by default.
they don't show up in the Application list from then on so it's impossible to edit them)
You will find them under "all apps".
I have an Azure WebApp and have activated the "Active Directory Authentication" in the Azure Preview Potal. Let's call it https://mysite.azurewebsites.net (not a real URL) Whis works as expected. However, when we add a deployment slot, we can't get authentication to work properly. When accessing the staged WebApp, e.g. https://mysite-staging.azurewebsites.net (not a real URL), we get redirected to
https://login.microsoftonline.com/<our-directory-guid>/oauth2/authorize?response_type=id_token&redirect_uri=https%3A%2F%2Fmysite-staging.azurewebsites.net/....
But the login portal gives us an error message:
AADSTS50011: The reply address 'https://mysite-staging.azurewebsites.net/<our-appliction-guid>/login' does not match the reply addresses configured for the application: .
The problem is, the WebApp does not show up as an application in our directory, so we can't set up alternate reploy URLs for it.
Is there any way to specify alternate addresses for WebApps, so that Azure AD login will work for deployment slots?
When you create the deployment slot, you need to re-setup the authentication for it, as if it's a new application. (From an app-service perspective, it is.)
The steps are roughly:
In the portal, go to your deployment slot under your app-service.
go to authentication/authorization
Go through all the steps to setup your authentication/authorization the same as for your production app. (Authenticate via AzureAD, Choose the provider, etc.)
Under "Manage App" in the staging environment, go to settings, and add new reply URL's for your staging environment. You should have your regular reply URL, and then the staging version:
https://myapp.azurewebsites.net/signin-oidc
https://myapp-staging.azurewebsites.net/signin-oidc
You should then be able to get in.
One weird thing that happened to me, is this didn't work, then I went into the staging authentication, and turned it off. That made everything work, and it correctly authenticated and didn't let me in if I wasn't signed in.
(I realize I'm posting this answer years after the original question, but after spending the better part of a week figuring it out, and this question repeatedly came up on searched, I wanted to document what I ended up doing in case someone else has a problem.)
I sure this will not fix the deployment slot is still pointing to live app but this fix this error as it is very silly.
AADSTS50011: The reply address 'https://mysite-staging.azurewebsites.net//login' does not match the reply addresses configured for the application: .
When you configure your URL under the application settings in Azure AD, you forgot… a trailing slash! That’s it! Can you believe that?
In other words, change this:
http://yoururlforyourapp
to this:
http://yoururlforyourapp/
Done! You’re welcome.
From http://www.matvelloso.com/2015/01/30/troubleshooting-common-azure-active-directory-errors/
Unfortunately it looks like you ran into some bugs in that version of the preview portal.
The Reply URL issue is likely because you created the staging slot after you configured auth on the production slot. In that version, we cloned the auth settings so your staging slot ended up pointing to the existing AAD application without adding the new Reply URL. This issue has been fixed by not auto-cloning auth settings when a new slot is created.
In any case, you should be able to find your application in the AAD management portal. If you're not able to see it, it could be because you need to change the "Show" dropdown filter from "Applications my company uses" to "Applications my company owns". Locating it and adding the staging Reply URL would have also worked around the issue mentioned above.
The error message you saw when trying to re-configure auth on your staging slot was likely another bug in the management portal if you were only seeing it on that staging slot.
The Authentication / Authorization blade has been radically updated since your question was asked, and all of these issues should be fixed now. Sorry for the inconvenience. I hope you were able to make progress in spite of these issues.
I am trying the new Azure Mobile apps(part of Azure App Services stack), published my mobile service to https://xxxxxxxx-code.azurewebsites.net.
Previously the application key used to work for password(when I click 'try it out') but now it is not allowing me to. Did anything change?
I had to add the MS_ApplicationKey app setting manually in the preview portal to get it working.
Try the Master Key (rather than Application Key). I'll look into whether something has changed, but I just tried the Master Key and that should work.
The title of my issue is clear enough by itself I hope....
I have only one application in my Applications list in Azure Active Directory. I would like to delete that, because it was only for experimental purposes.
But I cannot delete it, the delete icon in the drawer is greyed.
What can I do to delete the application from AAD?
For those coming by later and are using the new (preview) Azure Portal and are trying to remove a Native App;
The issue is due to the availableToOtherTenants setting, which you can not edit in the UI at the moment of writing. However, you can add the Manifest manually through the Azure Portal and edit the setting. After the edit, you can remove the app.
If it's a multi-tenant app, you need to convert it back to a single-tenant app before you can delete it. Please confirm that the setting 'Application is Multi-Tenant' (on the configure tab) is set to No.
Just adding to this - make sure that you are the owner of the application - if you're not, assign yourself ownership and delete will be enabled.
Unable to delete Azure AD due to Enterprise Apps (Delete grayed out)
Login to a Powershell (Admin)
Install-Module -Name MSOnline
connect-msolservice
(Provide GA Creds)
CAUTION: Following step may delete all the objects/applications recursively and may present multiple errors as well, but in the end, all this will help you to be finally able to delete the Azure AD instance successfully
Get-MsolServicePrincipal -All | Remove-MsolServicePrincipal
Sign-out and Sign-in Azure Portal
All enterprise apps will now be deleted --> You can Delete Azure AD Directory now
Whilst old, I stubmled across this issue earlier and found this post.
The portal has changed and none of the above worked for me (although I did not edit the manifest) - what I did do was go into AAD > Enterprise Applications and, from there, I could delete the Native applications.
Hope this helps someone (possibly me!) later.