I want to add an Azure B2C Web Redirect URI that has a query string

mk 0 Reputation points
2024-10-22T20:34:39.1533333+00:00

I am trying to add a redirect URL for an Azure AD B2C application with a redirect URI that has a query string. For example, https://abc.def.com/samldefault.aspx?ouid=100
The User Interface does not allow that. I tried to edit the manifest also.


1 answer

  1. James Hamil 27,221 Reputation points Microsoft Employee Moderator
    2024-10-23T18:59:18.4133333+00:00

    Hi @Manoj Keechilot, you'll most likely need to use the state parameter.

    "Azure AD apps can now register and use reply (redirect) URIs with static query parameters (for example, https://contoso.com/oauth2?idp=microsoft) for OAuth 2.0 requests. The static query parameter is subject to string matching for reply URIs, just like any other part of the reply URI. If there's no registered string that matches the URL-decoded redirect-uri, the request is rejected. If the reply URI is found, the entire string is used to redirect the user, including the static query parameter.

    Dynamic reply URIs are still forbidden because they represent a security risk and can't be used to retain state information across an authentication request. For this purpose, use the state parameter."

    Please let me know if you have any questions and I can help you further.

    If this answer helps you, please mark "Accept Answer" so other users can reference it.

    Thank you,

    James
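
One way to apply the advice in the answer above, as an added example that is not part of the original thread or Microsoft's code: keep the registered redirect URI static and carry the per-request value (the `ouid` from the question) in a signed, expiring `state` parameter. `AUTHORIZE_URL` is a placeholder endpoint, and `STATE_KEY`, the helper names and the token layout are assumptions for illustration.

```python
import base64, hashlib, hmac, json, secrets, time
from urllib.parse import urlencode

STATE_KEY = secrets.token_bytes(32)  # assumption: server-side secret, shared by all app instances
REDIRECT_URI = "https://abc.def.com/samldefault.aspx"  # registered exactly, without ?ouid=...
AUTHORIZE_URL = "https://login.example.invalid/oauth2/v2.0/authorize"  # placeholder endpoint

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_state(ouid: str, key: bytes = STATE_KEY, ttl: int = 600, now=None) -> str:
    """Pack the per-request value into a signed, expiring state token."""
    now = time.time() if now is None else now
    claims = {"ouid": ouid, "nonce": secrets.token_hex(8), "exp": int(now) + ttl}
    body = json.dumps(claims).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return b64e(body) + "." + b64e(tag)

def read_state(state: str, key: bytes = STATE_KEY, now=None) -> dict:
    """Verify the state echoed back on the redirect; raise ValueError if invalid."""
    now = time.time() if now is None else now
    try:
        body_b64, tag_b64 = state.split(".")
        body, tag = b64d(body_b64), b64d(tag_b64)
    except (ValueError, TypeError) as exc:
        raise ValueError("malformed state") from exc
    # Constant-time comparison so the check does not leak how much of the tag matched.
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("state signature mismatch")
    claims = json.loads(body)
    if claims["exp"] < now:
        raise ValueError("state expired")
    return claims

def authorize_url(client_id: str, ouid: str) -> str:
    """Build the sign-in request: static redirect_uri, dynamic data in state."""
    params = {"client_id": client_id, "response_type": "code", "scope": "openid",
              "redirect_uri": REDIRECT_URI, "state": make_state(ouid)}
    return AUTHORIZE_URL + "?" + urlencode(params)
```

On the callback, pass the returned `state` query value to `read_state` and use `claims["ouid"]` only after it verifies. Storing the nonce in the user's session and comparing it on return additionally binds the response to the browser that started the sign-in.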

