Support for localhost subdomains as redirect URI in AAD. For example `http://app.localhost:3000`.

Gabriel Labelle 56 Reputation points
2023-07-16T14:37:43.41+00:00

Hello,

Our app is a multi-tenant app that uses subdomains to create a clear distinction between the parts that don't require auth and the parts that do, which are served via https://app.ourdomain.com instead of https://ourdomain.com. The users can also access the app via https://clientxyz.ourdomain.com.

So for the production app this is not an issue, since we can use wildcards even though we see it's discouraged in the docs. We appreciate the flexibility.

The problem is during development, where we need to replicate this. We need to have http://localhost:3000, http://app.localhost:3000 and http://clientxyz.localhost:3000, but I get the following error during the login flow:

AADSTS500117: The reply uri specified in the request isn't using a secure scheme.

In the Azure Active Directory admin center, I've set up a redirect URI to be the following via the manifest:

http://app.localhost:3000/api/auth/callback/azure-ad

Also tested with

http://*.localhost:3000/api/auth/callback/azure-ad

But I get the following error during the login flow:

When using Github as OAuth2 provider to login we do not face any errors, and it works flawlessly.

Thanks in advance for your time.


Accepted answer
    Akshay-MSFT 17,951 Reputation points Microsoft Employee Moderator
    2023-07-18T09:39:22.0766667+00:00

    @Gabriel Labelle

    Thank you for posting your query. From the above description I could understand that you are trying to register an application with Azure identity, but you are getting AADSTS500117: The reply uri specified in the request isn't using a secure scheme.

    The above error is due to restrictions and limitations:

    Redirect URIs must begin with the scheme https. There are some exceptions for localhost redirect URIs.

    I would recommend either using the HTTPS scheme as the prefix instead of HTTP. However, if this does not fulfil your requirement, I would recommend posting this as a feedback request on our feedback portal, as it is monitored by our service engineering team.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers your query. This will help us and others in the community as well.
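The rule quoted in the accepted answer (https required, with an exception only for localhost) can be checked against a manifest before running the login flow. The following is an added example, not code from the thread or from Microsoft; it models the rule as stated on this page, treating only the bare hostname `localhost` as the exception, so the subdomain and wildcard URIs from the question fail the way the asker observed.

```python
"""Pre-flight check for Microsoft Entra ID redirect URIs.

Models the restriction quoted in the accepted answer: the scheme must be https,
except for localhost redirect URIs. This is an illustrative model of the rule,
not Microsoft's own validation code.
"""
from urllib.parse import urlsplit

# Error text quoted in the question for a non-https redirect URI.
AADSTS500117 = ("AADSTS500117: The reply uri specified in the request "
                "isn't using a secure scheme.")

# Hostnames treated as "localhost" in this model. The page only names
# localhost itself; a subdomain such as app.localhost is a different host,
# which is exactly why the asker's development URIs were rejected.
LOCALHOST_NAMES = {"localhost"}


def check_redirect_uri(uri: str) -> tuple[bool, str]:
    """Return (accepted, reason) for one redirect URI string."""
    parts = urlsplit(uri)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()

    if scheme == "https":
        # Wildcard hosts such as *.ourdomain.com pass the scheme rule; the docs
        # the asker cites still discourage them in favour of exact URIs.
        return True, "https scheme"
    if scheme == "http":
        if host in LOCALHOST_NAMES:
            return True, "http allowed for localhost"
        # app.localhost, *.localhost and any other host fall through here.
        return False, AADSTS500117
    return False, f"unsupported scheme {scheme!r}"


def check_all(uris):
    """Map each URI to its verdict so a whole manifest can be audited at once."""
    return {uri: check_redirect_uri(uri) for uri in uris}


if __name__ == "__main__":
    # Constructed list: the URIs from the question plus the production pattern.
    CANDIDATES = [
        "http://localhost:3000/api/auth/callback/azure-ad",
        "http://app.localhost:3000/api/auth/callback/azure-ad",
        "http://*.localhost:3000/api/auth/callback/azure-ad",
        "https://*.ourdomain.com/api/auth/callback/azure-ad",
    ]
    for uri, (ok, reason) in check_all(CANDIDATES).items():
        print(f"{'OK  ' if ok else 'FAIL'} {uri} -> {reason}")
```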


0 additional answers
