Please, please, please modify the App Registration | Branding | Publisher Domain verification to either (a) accept the specification standard header for JSON, which is and always will be "application/json; charset=utf-8", or (b) allow us to use a DNS CNAME or TXT record validation, like all other verification systems on the Internet (such as Google, AWS, or Oracle).
Can't verify publisher domain for web app
Asking on behalf of the user dataportabiltiy who originally posted on: https://social.msdn.microsoft.com/Forums/en-US/ef2e2ed8-1377-448e-97f8-c5156526ec38/cant-verify-publisher-domain-for-web-app?forum=AzureStack
On our web app, under Publisher Domain for the Branding it says unverified. The instructions to configure the domain say
To verify a publisher domain for {0}
Create a file named microsoft-identity-association.json and paste in the following content. Or, use the link provided to download the content.
{
"associatedApplications": [
{
"applicationId": ""
}
]
}
Download
Host the file at:
https://EXAMPLE.COM/.well-known/microsoft-identity-association.json
Click 'Verify and save domain' below.
When we visit the url, our application id is there, but when we click "Verify and save domain" we get this error:
"Verification of publisher domain failed. Error getting JSON file from https:///.well-known/microsoft-identity-association. The server returned an unexpected content type header value. [gS599]"
The host link returns the right results but it looks like its returning HTML instead of the raw json? Inspecting via a browser shows that the content type response header is: content-type: application/json; charset=utf-8
According to a support page that i'm unable to link, it looks like it needs to be just application/json. Unfortunately, we use an open source library and the only MediaType available is the one we set. It would be non trivial to update this.
Is there anyway to get a manual verification?
10 answers
Sort by: Most helpful
-
-
Raydiant Operations 31 Reputation points
2020-05-26T20:51:31.667+00:00 It turns out that it is impossible to remove the
charset=utf-8
from the content-type header sent by Wordpress or Github, or any other HTTP spec compliant webserver, for that matter. Since Microsoft is not HTTP compliant, their own webserver can do this (by breaking the HTTP 1.1 spec).In effect: ALL servers return "application/json; charset=utf-8", and not "application/json", because UTF-8 has been the standard for over sixteen years. And: on Wordpress and Github you cannot override this header.
So: it is technically impossible to verify apps if your company happens to run a normal website. 80% of the Internet, which runs on Wordpress and Github, cannot verify an Azure application.
Please, please, please modify the App Registration | Branding | Publisher Domain verification to either (a) accept the specification standard header for JSON, which is and always will be "application/json; charset=utf-8", or (b) allow us to use a DNS CNAME or TXT record validation, like all other verification systems on the Internet (such as Google, AWS, or Oracle).
Thank you,
David Phipps
VP of Engineering
Raydiant, Inc. -
Dylan Strang 21 Reputation points
2020-08-07T09:11:36.33+00:00 I found the solution for this.
You have to add a custom domain and verify it with TXT or MX
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain
-
Cronoz Founders 6 Reputation points
2020-11-22T11:20:10.147+00:00 I have been waiting for a while now to be able to verify my domain. It is literally impossible to remove charset=utf-8. Do they just not care about the fact that people cannot verify their domains? It can't be that hard of a fix. The portal is probably expecting an exact string, instead of just checking to see if it contains application/json. This is really frustrating. Not sure how the PR made it through code review. Its impacting users who have literally been complaining since January. It's almost been a year.
-
Ryan Hill 28,371 Reputation points Microsoft Employee
2020-01-21T17:39:17.633+00:00 @FOC-0664, it may seem non-trivial but try removing
charset=utf-8
from the response header. This appears to have corrected a similar issue folks were having over at https://github.com/MicrosoftDocs/azure-docs/issues/35934.If that doesn't help, let me know.