Azure OAuth SSO - Custom handling for failed SSO

McDonald, Bruce 0 Reputation points
2024-03-27T06:06:38.4633333+00:00

I have registered an app on Azure . It is spring boot and is configured for Azure SSO.

We have configured a set of users to have access to the app and that works a treat. No login, main page comes up just fine.

BUT: What we really want is for those users that are not allowed in, we want to configure a "Failed SSO URL" so that azure redirects the user back to nice context sensitive page that gives them a heads up as to who they need to contact to get access etc etc.

Currently we get the messy azure page, albeit with our logo, but not a patch on having a context sensitive app specific page. Cannot find this function documented anywhere and cannot think why it would be a contentious feature?

No tags available for SSO, OAuth, redirect,?????

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,848 questions
Microsoft Entra
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. James Hamil 21,546 Reputation points Microsoft Employee
    2024-03-27T19:13:58.6566667+00:00

    Hi @McDonald, Bruce , to redirect users to a custom page when they fail to authenticate, you can use the onAuthenticationError method of the AADAuthenticationFilter class. This method is called when authentication fails, and you can use it to redirect the user to a custom error page.

    For Spring Boot you can make something like this:

    1. Create a custom error page in your application. This page should provide information to the user about why their authentication failed and what they can do to resolve the issue.
    2. In your Spring Boot application, create a class that extends AADAuthenticationFilter.
    3. Override the onAuthenticationError method in your custom filter class. In this method, you can redirect the user to your custom error page.
    4. Register your custom filter class with Spring Boot by adding it to your application's configuration:

    If this doesn't work or you need more detail please let me know.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James