How to fix Azure web app authentication 500 error: /.auth/login/aad/callback returns response code 500

Marlo E. Hutchinson 31 Reputation points
2024-08-02T15:42:05.83+00:00

I get a 500 error message after deploying my web application to Azure. This is an application where I recently applied some NuGet package updates. However, the error is very specific: it returns an error on https://mywebsite.azureservices.net/.auth/login/aad/callback. In the log trace, it cannot authenticate. With my knowledge I don't see the reason it no longer authenticates.

In my registration profile, under authentication, I have the specified Redirect URI (see above), ID Tokens only selected; and this is selected: Accounts in this organizational directory only (Valor Healthcare only - Single tenant).

Those settings have not changed.

Here is what I did:

(1) Applied OWIN updates from NuGet packages

(2) Updated the Secrets in the registration with a new secret value (it was going to expire)

(3) Updated the Key Vault value with the new secret and saved.

Please let me know what else I need to provide.

Thanks,

Marlo


1 answer

  1. Grmacjon-MSFT 19,151 Reputation points Moderator
    2024-08-06T21:15:50.8233333+00:00

    @Marlo E. Hutchinson it sounds like there is an issue with your Azure AD authentication setup. Can you please share the Azure doc you're following to set this up?

    In the meantime you should:

    • Enable Azure AD diagnostic logs for your application. This will provide detailed information about the authentication flow and potential errors. You can access these logs in the Azure portal under "Azure Active Directory" -> "Diagnostic settings".
    • Confirm that the Redirect URI specified in your Azure AD registration still matches the actual callback URL used by your application.
    • Try temporarily disabling "ID Tokens only" in the Azure AD registration under "Authentication". Deploy your application again and see if authentication succeeds. If it does, then the issue might lie in the way your application handles ID Tokens after the OWIN updates.
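The registration settings named in the question and the answer above (callback redirect URI, ID token issuance, single-tenant audience, client secret expiry) can be checked against an export of the app registration. This is an added example, not part of the original thread: it assumes the input is the JSON printed by `az ad app show --id <app-id>`, `check_registration` is a hypothetical helper name, and the sample object is constructed with placeholder values.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like `az ad app show --id <app-id>` output
# (a Microsoft Graph application object); all values are placeholders.
SAMPLE_APP = json.loads("""
{
  "signInAudience": "AzureADMyOrg",
  "web": {
    "redirectUris": ["https://mywebsite.azureservices.net/.auth/login/aad/callback"],
    "implicitGrantSettings": {"enableIdTokenIssuance": true}
  },
  "passwordCredentials": [
    {"displayName": "old", "endDateTime": "2024-08-15T00:00:00Z"},
    {"displayName": "rotated", "endDateTime": "2026-08-01T00:00:00Z"}
  ]
}
""")

def _parse(ts):
    # Graph timestamps are UTC and may carry fractional digits; keep whole seconds.
    return datetime.strptime(ts[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def check_registration(app, site_host, now=None):
    """Return a list of findings; an empty list means every check passed."""
    now = now or datetime.now(timezone.utc)
    findings = []
    expected = f"https://{site_host}/.auth/login/aad/callback"
    web = app.get("web") or {}
    uris = web.get("redirectUris") or []
    # Compare the full string: case and trailing-slash differences count as a mismatch.
    if expected not in uris:
        near = [u for u in uris if u.lower().rstrip("/") == expected.lower()]
        hint = f" (near miss: {near[0]})" if near else ""
        findings.append(f"redirect URI {expected} not registered{hint}")
    if not (web.get("implicitGrantSettings") or {}).get("enableIdTokenIssuance"):
        findings.append("ID token issuance is disabled")
    if app.get("signInAudience") != "AzureADMyOrg":
        findings.append(f"signInAudience is {app.get('signInAudience')!r}, not single tenant")
    live = [c for c in app.get("passwordCredentials") or []
            if c.get("endDateTime") and _parse(c["endDateTime"]) > now]
    if not live:
        findings.append("no unexpired client secret on the registration")
    return findings
```

The export never contains secret values, so this confirms only that an unexpired secret exists on the registration, not that the value stored in Key Vault matches it.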
