Infinite redirect Loop using the Azured Ad

Kundan Kumar 0 Reputation points
2024-03-21T09:32:56.28+00:00

Hi Team, Our base URL is set to '[http://localhost:6240'], and I have encountered a problem when attempting to access URLs beyond the base, such as '[http://localhost:6240/Mpa/Controller']. The issue manifests as an infinite loop, preventing successful navigation to the desired URLs. To provide more context, our authentication and authorization are implemented using Azure AD OpenID Connect. I have reviewed our configuration settings and code, but the problem persists. I have attached an image of the issue that I am encountering every time while trying to login Could you kindly assist in troubleshooting this issue or guide me on potential areas to investigate further? Any insights or suggestions would be and one more thing when i click second time in any page URL when is working.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,311 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. James Hamil 21,386 Reputation points Microsoft Employee
    2024-03-22T22:56:56.31+00:00

    Hi @Kundan Kumar , it looks like the image didnt upload, if you want to try again. This may be caused by a misconfiguration in your Azure AD OpenID Connect settings or in your application code.

    Can you please follow these troubleshooting steps and let me know if they help?

    1. Check your Azure AD OpenID Connect settings to ensure that the redirect URIs are configured correctly. The redirect URI should match the URL of your application, including the port number. If the redirect URI is not configured correctly, it can cause an infinite redirect loop.
    2. Check your application code to ensure that it is handling the OpenID Connect authentication flow correctly. Make sure that your code is properly handling the authorization code flow and exchanging the authorization code for an access token. If there is an error in the authentication flow, it can cause an infinite redirect loop.
    3. Check your application code to ensure that it is properly handling the state parameter. The state parameter is used to prevent cross-site request forgery (CSRF) attacks. If the state parameter is not handled correctly, it can cause an infinite redirect loop.
    4. Check your application code to ensure that it is properly handling the nonce parameter. The nonce parameter is used to prevent replay attacks. If the nonce parameter is not handled correctly, it can cause an infinite redirect loop.
    5. Check your application code to ensure that it is properly handling the session_state parameter. The session_state parameter is used to maintain the user's session state. If the session_state parameter is not handled correctly, it can cause an infinite redirect loop.

    For the issue where the URL works on the second click, it is possible that the authentication flow is not completing successfully on the first attempt, but is completing successfully on the second attempt. It may be resolved with a fix above as well.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James

    0 comments No comments