Azure AD enterprise applications save issue

Frank Verheggen - SyncForce 21 Reputation points
2020-12-16T21:00:56.077+00:00

This is an obvious bug. I will try to explain.

I work for 2 companies that have each a set of Enterprise applications we created. A live environment, 2 test environments and a staging environment .

All 4 environments now have around 74 subdomains that we have configured for SSO using basic SAML configuration. All domains use https://<customer>.<domain>.<ext> as identifier and https://<customer>.<domain>.<ext>/saml-login/ as return URL.

When saving a new URL it is always a gamble if they are saved. The Save button goes grey but there will not be a confirmation the URLs have been saved, trying anything on the page will result in a message that there are unsaved items but the Save button is greyed and cannot be used anymore. It has been times it took me 5-10 retries before a save would really save the URLs. As this needs to be done for 2x 4 environments this is a PITA.

But that is not all, on a regular basis (and I expect this to happen when saving a new URL) other URLs (especially return URLs) are dropped. So I have to add them again but this triggers the dropping of URLs again once in a while.

Anybody else seen this behaviour? All help is appreciated

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,509 questions
0 comments No comments
{count} votes

Accepted answer
  1. 2020-12-17T18:25:42.627+00:00

    This could be some temporary issue with the portal. In the meantime please try using AzureAD powershell:

       Connect-AzureAD -TenantId <tenant id>  
       $app=Get-AzureADApplication -ObjectId <saml application object id>  
       $app.IdentifierUris.Add(<new uri>)  
       $app.ReplyUrls.Add(<new reply url>)  
       $app|Set-AzureADApplication -ReplyUrls $app.ReplyUrls -IdentifierUris $app.IdentifierUris  
    

    If the first issue persist or powershell result is the same please Create a support request or let us know if you need assistance for the later.


3 additional answers

Sort by: Most helpful
  1. Frank Verheggen - SyncForce 21 Reputation points
    2020-12-22T13:42:53.317+00:00

    This workaround is working however the mentioned bugs still remain.

    I created a script now to create the 4 environments with one script and used a dummy url to test. That worked as expected.

    Trying to clean up I ran into the bugs again. When removing the dummy URLs in the web interface once again another reply URL was gone also. Also the multiple times needing to try to save the list of urls remains a problem in the interface.


  2. Jari Leppänen 1 Reputation point
    2021-08-13T09:55:11.723+00:00

    I'm encountering the same bug. I can't use the workaround either because it's a new Enterprise application that doesn't yet have SAML on, so that I could change the urls. I can't input the urls in the first place.

    0 comments No comments

  3. Josh Heman 1 Reputation point
    2022-04-21T18:59:48.937+00:00

    Checking in, issue is still present. We struggled with this migrating from another IDP to Azure AD in 2019 and the problem is still present nearly three years late. It can take dozens of attempts in the portal to save the saml URIs initially and they' often simply cannot be edited once saved. Every once in a while it behaves but most of the time you get to fight with it. And interacting with those URIs in the portal reverts changes made with the shell.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.