I have an in-house Blazor App that uses the built-in Azure AD Single Sign On. I have the app registration set up correctly (I believe) as the majority of my users are able to access and use the app without issues.
I have one user who receives an AADSTS50011 error: The reply URL specified in the request does not match the reply URLs configured for the application : 'myappid'.
The user receives this error on their devices, but not when logging in from different devices, which leads me to believe there is something cached that's causing the problem, but I've had the user clear their history and cached data, and neither has worked. I've had them try private browsing, multiple browsers, all not working. What did work was having the user enter "Guest" mode in Chrome.
It appears that the user has previously signed into another organization's AD system from those devices, and I'm wondering if those cached credentials are causing the problem. Has anyone encountered this before?
The Blazor App uses .NET Core 3.1 and the Azure AD NuGet package Microsoft.AspNetCore.Authentication.AzureAD.UI version 3.1.9 and was created from this tutorial: https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-blazor-server
Some data from one of the failed requests:
Request ID: 7ff66145-120b-4a70-a580-8f66905f0d00
Correlation ID: ca0440c0-50f3-4bc2-8e60-1c4571e68ccd
Authentication requirement: Single-factor authentication
Status: Failure
Sign-in error code: 50011
Failure reason: The reply URL specified in the request does not match the reply URLs configured for the application: '{identifier}'. {detail}
Application ID: 84e75cf0-4f4d-4b0a-821d-b9acfd17313d