AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '6070898a-ddc3-42e2-a478-e3f48f59f65a

Anand Ganjikunta 1 Reputation point
2020-11-29T02:14:37.297+00:00

I have been trying to get my sample web project working last 3 days and no luck. could you please help?
I used quicksample using Azure web app and created app service, app registered and also followed some suggestions to use below url as ReplyURL
https://webapp-openidconnect-dotnet20201126153555.azurewebsites.net

Sign in
Sorry, but we’re having trouble signing you in.

AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '6070898a-ddc3-42e2-a478-e3f48f59f65a'.

Troubleshooting details
If you contact your administrator, send this info to them.
Copy info to clipboard
Request Id: bb0706ce-e3d5-4f38-9c44-55896fdc4b01
Correlation Id: 0ea4789c-c298-4a8b-ae58-2230ecaebc24
Timestamp: 2020-11-29T02:11:09Z
Message: AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '6070898a-ddc3-42e2-a478-e3f48f59f65a'.
Advanced diagnostics: Enable
If you plan on getting support for an issue, turn this on and try to reproduce the error. This will collect additional information that will help troubleshoot the issue.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,418 questions
0 comments No comments
{count} votes

18 answers

Sort by: Most helpful
  1. AmanpreetSingh-MSFT 56,301 Reputation points
    2020-12-01T14:30:42.33+00:00

    @Anand Ganjikunta · Please try registering both of the following URLs as reply urls in your application and test again.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

  2. AmanpreetSingh-MSFT 56,301 Reputation points
    2020-11-30T05:46:33.377+00:00

    Hi @Anand Ganjikunta · Thank you for reaching out.

    I tracked the correlation Id that you have shared and found the reply url in the request is https://webapp-openidconnect-dotnet20201126153555.azurewebsites.net/signin-oidc but the reply urls (redirect uris) registered in the application: '6070898a-ddc3-42e2-a478-e3f48f59f65a' are https://localhost:44321/ and https://localhost:44321/signin-oidc.

    To resolve the issue, make sure the reply url registered in the application: '6070898a-ddc3-42e2-a478-e3f48f59f65a' is https://webapp-openidconnect-dotnet20201126153555.azurewebsites.net/signin-oidc

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

  3. Anand Ganjikunta 1 Reputation point
    2020-11-30T14:26:37.573+00:00

    Thanks for the response!
    I already tried updating reply url for app registration to https://webapp-openidconnect-dotnet20201126153555.azurewebsites.net/signon-oidc but still getting below error. i even republished sample app after updating apps.json file with below. No clue why it fails
    "AppRegistrations": [
    {
    "x-ms-id": "active-directory-aspnetcore-webapp-openidconnect-v2",
    "x-ms-name": "aspnetcore-webapp-openidconnect-v2",
    "x-ms-version": "2.0",
    "replyUrlsWithType": [
    {
    "url": "https://webapp-openidconnect-dotnet20201126153555.azurewebsites.net/signin-oidc",
    "type": "Web"
    }
    ],
    "oauth2AllowIdTokenImplicitFlow": true,
    "logoutUrl": "https://webapp-openidconnect-dotnet20201126153555.azurewebsites.net/signout-callback-oidc",
    "requiredResourceAccess": [
    {
    "x-ms-resourceAppName": "Microsoft Graph",
    "resourceAppId": "00000003-0000-0000-c000-000000000000",
    "resourceAccess": [
    {
    "id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
    "type": "Scope",
    "x-ms-name": "user.read"
    }
    ]
    }
    ],

    ERROR:
    Sign in
    Sorry, but we’re having trouble signing you in.

    AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '6070898a-ddc3-42e2-a478-e3f48f59f65a'.

    Troubleshooting details
    If you contact your administrator, send this info to them.
    Copy info to clipboard
    Request Id: fd110936-f305-4b07-bd52-ea2782847701
    Correlation Id: b666a62e-f6ef-43ab-aae4-04e2c42d90fa
    Timestamp: 2020-11-30T14:24:17Z
    Message: AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '6070898a-ddc3-42e2-a478-e3f48f59f65a'.
    Advanced diagnostics: Enable
    If you plan on getting support for an issue, turn this on and try to reproduce the error. This will collect additional information that will help troubleshoot the issue.

    0 comments No comments

  4. Anand Ganjikunta 1 Reputation point
    2020-11-30T14:42:41.723+00:00

    I tried to change anonymous auth for WebApp-OpenIDConnect-DotNet20201126153555 to use app registered now getting below error

    The page cannot be displayed because an internal server error has occurred.

    Happy to hop on a zoom call, i'm trying to bring in internal apps to azure space and this will be breakthorugh to solve.

    0 comments No comments

  5. Anand Ganjikunta 1 Reputation point
    2020-11-30T14:56:39.857+00:00

    After turning on app logs see below error, Please advise
    2020-11-30T14:53:29 PID[6292] Verbose Received request: GET https://webapp-openidconnect-dotnet20201126153555.azurewebsites.net/
    2020-11-30T14:53:29 PID[6292] Information Downloading OpenID configuration from https://sts.windows.net/84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80/.well-known/openid-configuration
    2020-11-30T14:53:29 PID[6292] Verbose Calling into external HTTP endpoint GET https://sts.windows.net/84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80/.well-known/openid-configuration.
    2020-11-30T14:53:29 PID[6292] Warning Call to HTTP endpoint https://sts.windows.net/84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80/.well-known/openid-configuration failed: 400 (Bad Request). Partial response: {"error":"invalid_tenant","error_description":"AADSTS90002: Tenant '84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80' not found. This may happen if there are no active subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription administrator.\r\nTrace ID: efcb63da-fdc2-4aa5-9739-01a8ac7c1001\r\nCorrelation ID: c6c33330-da75-468b-93fe-9ec7b1a022f2\r\nTimestamp: 2020-11-30 14:53:29Z","error_codes":[90002],"timestamp":"2020-11-30 14:53:29Z","trace_id":"efcb63da-fdc2-4aa5-9739-01a8ac7c1001","correlation_id":"c6c33330-da75-468b-93fe-9ec7b1a022f2","error_uri":"https://sts.windows.net/error?code=90002"}
    2020-11-30T14:53:29 PID[6292] Error Failed to download OpenID configuration from 'https://sts.windows.net/84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80/.well-known/openid-configuration': Value cannot be null.Parameter name: value
    2020-11-30T14:53:29 PID[6292] Critical System.ArgumentNullException: Value cannot be null.Parameter name: valueat Newtonsoft.Json.JsonConvert.DeserializeObject(String value, Type type, JsonSerializerSettings settings)at Newtonsoft.Json.JsonConvert.DeserializeObjectTat Microsoft.Azure.AppService.Middleware.OpenIdConnectConfiguration.Download(String url)at Microsoft.Azure.AppService.Middleware.OpenIdConnectConfiguration.ConfigManager.RefreshConfiguration(OpenIdConnectConfiguration testConfiguration)at Microsoft.Azure.AppService.Middleware.OpenIdConnectConfiguration.ConfigManager.GetCurrentConfiguration(Boolean forceRefresh, OpenIdConnectConfiguration testConfiguration)at Microsoft.Azure.AppService.Middleware.AzureActiveDirectoryProvider.GetOpenIdConnectConfiguration(Boolean forceRefresh)at Microsoft.Azure.AppService.Middleware.AzureActiveDirectoryProvider.GetLoginRedirectUrlAsync(HttpContextBase context, String callbackUrl, String postLoginRedirectUrl, NameValueCollection oauthState, String nonce)at Microsoft.Azure.AppService.Middleware.IdentityProviderBase.<RedirectToLoginPageAsync>d__40.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)at Microsoft.Azure.AppService.Middleware.EasyAuthModule.<AuthenticateAsync>d__51.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)at Microsoft.Azure.AppService.Middleware.EasyAuthModule.<OnAuthenticateRequestAsync>d__33.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)at Microsoft.Azure.AppService.Middleware.HttpModuleDispatcher.<DispatchAsync>d__11.MoveNext()
    2020-11-30T14:53:29 PID[6292] Information Sending response: 500.79 Internal Server Error
    2020-11-30T14:53:30 PID[6292] Verbose Received request: GET https://webapp-openidconnect-dotnet20201126153555.azurewebsites.net/favicon.ico
    2020-11-30T14:53:30 PID[6292] Information Downloading OpenID configuration from https://sts.windows.net/84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80/.well-known/openid-configuration
    2020-11-30T14:53:30 PID[6292] Verbose Calling into external HTTP endpoint GET https://sts.windows.net/84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80/.well-known/openid-configuration.
    2020-11-30T14:53:30 PID[6292] Warning Call to HTTP endpoint https://sts.windows.net/84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80/.well-known/openid-configuration failed: 400 (Bad Request). Partial response: {"error":"invalid_tenant","error_description":"AADSTS90002: Tenant '84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80' not found. This may happen if there are no active subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription administrator.\r\nTrace ID: 36ea8ea1-2543-45e6-b870-19b6b7484601\r\nCorrelation ID: db5a90c3-0c99-40df-885a-80357dea8047\r\nTimestamp: 2020-11-30 14:53:30Z","error_codes":[90002],"timestamp":"2020-11-30 14:53:30Z","trace_id":"36ea8ea1-2543-45e6-b870-19b6b7484601","correlation_id":"db5a90c3-0c99-40df-885a-80357dea8047","error_uri":"https://sts.windows.net/error?code=90002"}
    2020-11-30T14:53:30 PID[6292] Error Failed to download OpenID configuration from 'https://sts.windows.net/84d7429e-d6a2-4f9c-a2e7-aa4e078d5e80/.well-known/openid-configuration': Value cannot be null.Parameter name: value
    2020-11-30T14:53:30 PID[6292] Critical System.ArgumentNullException: Value cannot be null.Parameter name: valueat Newtonsoft.Json.JsonConvert.DeserializeObject(String value, Type type, JsonSerializerSettings settings)at Newtonsoft.Json.JsonConvert.DeserializeObjectTat Microsoft.Azure.AppService.Middleware.OpenIdConnectConfiguration.Download(String url)at Microsoft.Azure.AppService.Middleware.OpenIdConnectConfiguration.ConfigManager.RefreshConfiguration(OpenIdConnectConfiguration testConfiguration)at Microsoft.Azure.AppService.Middleware.OpenIdConnectConfiguration.ConfigManager.GetCurrentConfiguration(Boolean forceRefresh, OpenIdConnectConfiguration testConfiguration)at Microsoft.Azure.AppService.Middleware.AzureActiveDirectoryProvider.GetOpenIdConnectConfiguration(Boolean forceRefresh)at Microsoft.Azure.AppService.Middleware.AzureActiveDirectoryProvider.GetLoginRedirectUrlAsync(HttpContextBase context, String callbackUrl, String postLoginRedirectUrl, NameValueCollection oauthState, String nonce)at Microsoft.Azure.AppService.Middleware.IdentityProviderBase.<RedirectToLoginPageAsync>d__40.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)at Microsoft.Azure.AppService.Middleware.EasyAuthModule.<AuthenticateAsync>d__51.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)at Microsoft.Azure.AppService.Middleware.EasyAuthModule.<OnAuthenticateRequestAsync>d__33.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)at Microsoft.Azure.AppService.Middleware.HttpModuleDispatcher.<DispatchAsync>d__11.MoveNext()
    2020-11-30T14:53:30 PID[6292] Information Sending response: 500.79 Internal Server Error
    2020-11-30T14:54:34 No new trace in the past 1 min(s).

    0 comments No comments