Redirect URIs vs Reply URL - azure-ad-b2c

Why does the Azure portal use "Redirect URIs" and "Reply URL" when referring to the same? Shouldn't it be consistent? They are the same thing, right?

Yes, in the context you are describing Reply URLs and Redirect URIs are the same thing. This is why the reply URL in the app registration needs to match the Redirect URI in the web.config of your application.

Related

Azure b2c custom policy login redirect through Azure front door is defaulting 404 to a domain I am unsure of how to manage. How do I redirect the 404

I have a domain that is protected through Azure b2c. The way I set it up is that a domain linked through Azure front-door is the login domain.
login.contoso.com
The app domain is
my.contoso.com
What is happening is that when I go to login.contoso.com (without any routing or path redirect URIs) directly, it will default to a 404 error and land on this page:
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
To note, the correct path works. i.e. login.contoso.com/<token>azureb2c...
The issue is: how do I handle the 404 error?
I'd like to default direct that to my main domain site i.e. contoso.com or someotherpage.
The odd part for me is that because the domain, sub-domain, is login.contoso.com I don't think there is actually a page from Azure emitting that. I think, correctly, that is just my domain's way of handling 404's or wrong page.
I already handle the redirect: if the person goes to my.contoso.com and isn't logged in, they go directly to login.contoso.com. However, I don't think I'm handling the 404 errors correctly, because anything outside of that emits the previously described error screen.
So I think the question is, how can I direct a subdomain's 404 to a URL of my choosing for a domain that is set up through Azure front-door?
Is that just in the same permissions of my webconfig for the main app service domain, i.e., contoso.com? Or is it the webconfig of the app service specifically for the subdomain my.contoso.com?
• You can surely configure the redirection for your different subdomains from a particular subdomain URL while logging in or any other kind of activity like session auto-logout after token expiration by configuring the correct routing rules for redirection in the Azure front door classic version.
Kindly check the snapshot below as demonstrated according to your requirement:
Thus, according to the above snapshots, you can configure the redirection for the ‘login.contoso.com’ URL to the desired domain URL of your choice, i.e., ‘contoso.com’ or ‘someotherpage.com’, in Azure AD B2C too.
• Also, in the above snapshot, I have selected ‘Temporary Redirect (307)’ for HTTPS protocol as according to the below documentation link, the target resource is temporarily under a different URI. The user agent MUST NOT change the request method if it does an automatic redirection to that URI. Since the redirection can change over time, the client ought to continue using the original effective request URI for future requests.
https://learn.microsoft.com/en-us/azure/frontdoor/front-door-url-redirect?pivots=front-door-standard-premium#redirection-types
As you want the redirection to happen for the ‘login.contoso.com’ URL when you redirect to that page, it will surely happen when you configure it accordingly as above since this redirection is temporary according to the situations stated above.

HTTP to HTTPS redirect for azure apim gateway url

I want to force HTTPS on the gateway url of the Azure API Management services but there are no configuration settings for that.
By default, HTTPS is used by the browser but when I change it manually in the URL and switch to HTTP, I don't have a redirection to HTTPS which is what I'm looking for.
I see this as a feedback request: https://feedback.azure.com/forums/248703-api-management/suggestions/37192618-block-http-and-or-force-https .
You may want to vote for it if it aligns with your requirement.
However, it is under review now, and as a workaround it is mentioned to use a policy at the global scope to check the protocol and return a redirect if it’s HTTP.

How to add 2nd sign in url at azure portal for a web app

Even after adding the URL in the redirect URI, we are getting "reply URI is not configured". Under F12 we see the auth request is trying to send the redirect URL as origin.*.com.
For any URL we give, the auth request is sending origin as the reply URL.
How to add 2nd sign in url at azure portal for a web app?
Go to your application under App registrations->Authentication->Add a platform->Choose Web
Click Add URI to add URI.
By default AWS will make the site names as origin.sirurl.
Once removing the origin it is working as expected
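
Added example (not part of the original posts): a Python helper that extracts `redirect_uri` from an authorization request URL, as copied from the browser's F12 network tab, and reports which URI component differs from each registered reply URL. The URLs, the client ID and the comparison rule (scheme and host lower-cased, port and path compared exactly) are constructed assumptions, not Azure's own matching code.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed sample data (assumptions, not taken from a real tenant).
AUTHORIZE_URL = (
    "https://login.example.test/oauth2/v2.0/authorize"
    "?client_id=00000000-0000-0000-0000-000000000000&response_type=code"
    "&redirect_uri=https%3A%2F%2Forigin.app.example.com%2Fsignin-oidc"
)
REGISTERED = [
    "https://app.example.com/signin-oidc",
    "https://app.example.com/Signin-OIDC",
]


def components(uri):
    """Split a URI into the parts compared here."""
    p = urlsplit(uri)
    return {
        "scheme": p.scheme.lower(),
        "host": (p.hostname or "").lower(),
        "port": p.port,
        "path": p.path,  # compared case-sensitively
    }


def sent_redirect_uri(authorize_url):
    """Return the decoded redirect_uri parameter, or None if absent."""
    values = parse_qs(urlsplit(authorize_url).query).get("redirect_uri", [])
    return values[0] if values else None


def diagnose(authorize_url, registered_uris):
    """Return (matched, details) for the request against the registered list."""
    sent = sent_redirect_uri(authorize_url)
    if sent is None:
        return False, ["request carries no redirect_uri parameter"]
    sent_parts = components(sent)
    details = []
    for reg in registered_uris:
        reg_parts = components(reg)
        diffs = [k for k in sent_parts if sent_parts[k] != reg_parts[k]]
        if not diffs:
            return True, [f"{sent} matches registered {reg}"]
        sent_values = ", ".join(repr(sent_parts[k]) for k in diffs)
        details.append(f"{reg}: differs in {', '.join(diffs)} (sent {sent_values})")
    return False, details


if __name__ == "__main__":
    print(diagnose(AUTHORIZE_URL, REGISTERED))
```

With the constructed sample, the report shows the `origin.` host prefix as the differing component, which is the symptom described in the question above.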

Azure CDN is redirecting traffic with a custom domain

I have a setup like this:
A website at domain abc.com
Azure CDN points to it. So if you go to abc.azureedge.net you see abc.com content. In the URL bar you see abc.azureedge.net.
I have another domain, qwe.com, I want abc.qwe.com to be the custom domain for the CDN endpoint.
In qwe DNS settings, I set a CNAME record, for abc to point to abc.azureedge.net.
I add the abc.qwe.com as a custom domain in the CDN endpoint.
My expectation:
I go to abc.qwe.com. I see abc.com content, from abc.qwe.com domain.
What happens: I go to abc.qwe.com, it responds with a permanent redirect to abc.com.
Did I misconfigure something, or is it supposed to work this way? I don't understand why it doesn't do a redirect on abc.azureedge.net, but if I add a layer on top of it, suddenly it just redirects to the origin.
In my case it ended up being not related to CDN. It was actually rules on a server that were doing a redirect under certain conditions, e.g. http to https, or www redirect.
As a side note, https redirect can be tricky. Now Chrome uses https by default, so if you type in the URL, it will go to https, thus no redirect. But if you select your custom domain text in Azure portal and choose "go to xxx", it will actually go to the http version, which will result in a redirect. So you might be under the impression that you are going to https and it was redirecting, when in fact it was http.
I was planning to delete the question, but Erik H commented that he's having same issue so I decided to self-answer. Maybe it will help someone.

Azure Application Gateway External URL Rewrite

When setting up Azure application gateway external URL redirection, is it possible to rewrite without changing the URL in the browser address bar?
If my understanding is correct, you want to access the application gateway website (usually xxx.cloudapp.net) or public IP address and redirect to an external website like www.bing.com.
It's impossible that the URL keeps displaying the xxx.cloudapp.net once redirecting to the www.bing.com. Since you do not own the domain www.bing.com, you cannot take control of an external site. Also, you use URL redirection. Certainly, the URL will redirect to another site. If the redirection URL is still the same as the original URL, then the DNS could not resolve the redirection URL.
Application Gateway redirect overview
Hope this makes sense.
