What are the functional differences between App ID URI and Return URLs in AzureAD app registrations?

Anne Admin 1 Reputation point

We are encountering an issue with AzureAD where the App ID URI cannot be set to a URL which is not a trusted domain

No such restriction applies to return URLs

Why are the restrictions different between these two functions? My understanding was that they were almost completely interchangeable

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,063 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Shweta Mathur 28,616 Reputation points Microsoft Employee

    Hi @Anne Admin ,

    Thanks for reaching out.

    I understand you are skeptical about the Application Id URI and Redirect URI which need to register in the portal while Application registration.

    The Application ID URI field is used to uniquely identify the scopes of your custom api and hence that entry has to be globally unique. You can either use the default value provided, which is in the form api://<application-client-id> or specify a more readable URI like https://contoso.com/api.

    It would always recommend a fresh setup for the app registration, if that is a possibility on your end and set App Id URI which always generates unique App ID URI name in its Azure AD tenant or verified customer owned domain.

    Supported application Id formats are mentioned here.

    whereas redirect URI, or reply URL, is the location where the authorization server sends the user once the app has been successfully authorized and granted an authorization code or access token. This can be any page and not required to be always unique.

    However, there are some restrictions for redirect URL which is mentioned here.

    Both the application Id URI and Redirect URL have different functionality and cannot be interchange.

    Hope this will help.



    Please remember to "Accept Answer" if answer helped you.