A2HS breaks AzureAD oAuth/SSO

Mwelander 1 Reputation point
2022-11-12T16:42:20.743+00:00

When I use my AzureAD SSO/oAuth for authenticating users in a browser (on my web application) it works great. If a user opts to add my app to their iOS home screen, the Microsoft login integration doesn't work for them.

The error I get is AADSTS55011, saying that the redirect URI does not match the URI configured for the application.

The URI displayed is the correct one, the one that works fine if said user goes through their browser without adding my webapp to their homescreen.

What's going on here?

I noticed that in the Azure portal I have the option of adding a PWA in addition to a Webapp, but they then require different URIs for redirecting after authentication.

My webapp is not aware whether the user has added it to the home screen or not, so I cannot differentiate: I cannot pass the user to one login route from a browser and to another if they added my app to the home screen. Catch-22?

Furthermore, how does Microsoft know whether the user is making the request from an A2HS browser or from the regular Safari (or other) browser?
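The following is an added example, not code from the question or from Microsoft, showing the two pieces a web app needs here: detecting on the client whether it is running as a home-screen (standalone) app, and then sending the redirect URI that was registered for that mode. Standalone detection uses the standard `display-mode: standalone` media query plus the older iOS Safari `navigator.standalone` flag; the browser globals are passed in as `env` so the logic runs outside a browser. The registration values, tenant and client id are constructed placeholders, and `redirectUriIsRegistered` is a minimal model of the exact-match rule the quoted mismatch error describes, not Entra's implementation.

```javascript
// Added example: pick the registered redirect URI that matches the current
// display mode, and model the exact-match check that rejects anything else.

// Constructed app registration: one redirect URI per platform the app was
// registered as (placeholders, not the poster's real URIs).
const REGISTERED_REDIRECT_URIS = {
  web: "https://app.example.test/auth/callback",
  pwa: "https://app.example.test/pwa/callback",
};

// Detect standalone (home-screen) display mode. `env` stands in for the
// browser globals; in a page you would pass `window`. The media query is the
// standard signal; `navigator.standalone` is the older iOS Safari flag.
function isStandaloneDisplay(env) {
  const mq = typeof env.matchMedia === "function"
    ? env.matchMedia("(display-mode: standalone)")
    : null;
  if (mq && mq.matches) return true;
  return Boolean(env.navigator && env.navigator.standalone === true);
}

// Choose the redirect URI registered for the mode the app is displayed in.
function pickRedirectUri(env, registered = REGISTERED_REDIRECT_URIS) {
  return isStandaloneDisplay(env) ? registered.pwa : registered.web;
}

// Build the authorization request. The redirect_uri sent here is the value
// the identity provider compares against the registration, so it must be one
// of the registered strings exactly.
function buildAuthorizeUrl({ tenant, clientId, redirectUri, state, codeChallenge }) {
  const params = new URLSearchParams({
    client_id: clientId,
    response_type: "code",
    redirect_uri: redirectUri,
    scope: "openid profile",
    state,
    code_challenge: codeChallenge,
    code_challenge_method: "S256",
  });
  return `https://login.microsoftonline.com/${encodeURIComponent(tenant)}/oauth2/v2.0/authorize?${params}`;
}

// Minimal model of the server-side rule (illustration only, not Entra's code):
// the requested redirect_uri must be an exact string match for a registered
// one. No prefix matching and no normalisation, so even a trailing slash
// differs.
function redirectUriIsRegistered(requested, registered = REGISTERED_REDIRECT_URIS) {
  return Object.values(registered).includes(requested);
}
```

The exact-match rule is the security property, not an inconvenience: it keeps authorization codes from being delivered to any destination the app owner did not register, so the fix is to register the URI the standalone app actually sends and select it client-side, never to loosen the comparison.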

Microsoft Entra ID