.net Blazor app stuck on B2C Redirect Url

Matthew Scheetz 20 Reputation points
2025-03-03T21:27:05.09+00:00

I've got a Blazor Server app (.net 8). It is using B2C for authentication and is behind an application gateway.

After successful login, some users are getting redirected to the redirect url: https://example.com/signin-oidc

The app gets stuck here and users are presented with a Correlation Error.

If the user updates the url and removes signin-oidc, so they are now just going to https://example.com, they are successfully logged in to the home page.

My B2C configs are configured as so:

 "AzureAdB2C": {
    "Instance": "https://my-b2c.b2clogin.com",
    "ClientId": "",
    "Domain": "my-b2c.onmicrosoft.com",
    "ObjectId": "",
    "TenantId": "",
    "ClientSecret": "",
    "CallbackPath": "/signin-oidc",
    "SignUpSignInPolicyId": "B2C_1_MyB2C_SignIn",
    "SignedOutCallbackPath": "/signout"
}  

B2C is configured with https://example.com/signin-oidc as a redirect url.

The strange thing is that this does not happen for every user at every login.

Microsoft Entra ID

Accepted answer
  1. Akhilesh Vallamkonda 13,065 Reputation points Microsoft External Staff
    2025-03-07T16:24:44.7066667+00:00

    @Matthew Scheetz
    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others", I'll repost your solution in case you'd like to "Accept" the answer.

    Issue:

    .net Blazor app stuck on B2C Redirect Url after successful login, some users are getting redirected to the redirect url: https://example.com/signin-oidc

    Solution:

    You have fixed this issue by following:

    1. Added middleware to intercept requests to /signin-oidc and /MicrosoftIdentity/Account/Error and redirect back to home page
    2. Added empty razor page with path of /signin-oidc and /MicrosoftIdentity/Account/Error

    My home page auto redirects to /MicrosoftIdentity/Account/SignIn if the user is not authenticated.

    Any of the requests coming to /signin-oidc are not registered as authenticated, the home page redirects them to b2c login, and they are quickly returned to the home page and logged in.

    Good user path:

    1. Navigate to https://www.example.com
    2. User not authenticated and auto-redirected to b2c login
      1. Enter Credentials & 2FA
    3. Redirected and logged into https://www.example.com

    Troublesome user path:

    1. Navigate to https://www.example.com
    2. Auto-redirected to b2c login
      1. Enter Credentials & 2FA
    3. Redirected and not logged into https://www.example.com/signin-oidc
    4. Middleware redirects to https://www.example.com
    5. User not authenticated and auto-redirected to b2c login
      1. No inputs are required here
    6. Redirected and logged into https://www.example.com

    If you have any other questions or are still running into more issues, please let me know. Thank you again for your time and patience throughout this issue.

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.


2 additional answers

  1. Raja Pothuraju 18,350 Reputation points Microsoft External Staff
    2025-03-05T19:46:06.46+00:00

    Hello @Matthew Scheetz,

    Thank you for your response.

    As mentioned, in all working scenarios, the application successfully redirects to example.com and functions as expected. The issue seems to be with the redirect URI in the non-working scenario.

    Upon successful authentication (Password + MFA), why is the request redirecting to example.com/signin-oidc instead of example.com? Azure AD B2C always redirects the request back to the redirect URI specified in the initial authentication request from the application.

    For example, when a user accesses example.com in the browser, the application sends an authorization request to https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/{policy}/oauth2/v2.0/authorize endpoint along with the necessary parameters, similar to the request below:

    GET /{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/authorize?
    Host: {tenant}.b2clogin.com
    client_id=00001111-aaaa-2222-bbbb-3333cccc4444
    &response_type=code+id_token
    &redirect_uri=https%3A%2F%2Fjwt.ms%2F
    &response_mode=fragment
    &scope=openid%20offline_access%20{application-id-uri}/{scope-name}
    &state=arbitrary_data_you_can_receive_in_the_response
    &nonce=12345
    

    After successful authentication, Azure AD B2C redirects the user back to the redirect_uri specified in the initial request. The issue likely arises because your application is sending the request to the authorization endpoint with redirect_uri set to example.com/signin-oidc instead of example.com.

    To confirm this, we need network trace logs while accessing the application to analyze how the request is being sent to Azure AD B2C. Alternatively, you can investigate the application code to determine why the request is using a different redirect_uri (example.com/signin-oidc) instead of example.com.
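
Added example, not part of the original thread or of either poster's code: a Node.js check over a browser network trace (HAR 1.2 entry shape) for what the answer above asks the trace to show, namely the redirect_uri sent to the authorize endpoint. As an extension, it also checks whether the ASP.NET Core correlation cookie issued when the challenge starts comes back on the /signin-oidc callback. The trace entries, the hosts used in them, the function name and the finding names are constructed for illustration.

```javascript
// Added example. Entries follow the HAR 1.2 shape; every value below is constructed.
const CORRELATION_PREFIX = '.AspNetCore.Correlation.'; // cookie prefix used by ASP.NET Core remote auth handlers

const sampleEntries = [
  { request: { method: 'GET', url: 'https://www.example.com/MicrosoftIdentity/Account/SignIn', cookies: [] },
    response: { status: 302, cookies: [{ name: CORRELATION_PREFIX + 'constructed-id', value: 'N' }] } },
  { request: { method: 'GET', cookies: [],
      url: 'https://my-b2c.b2clogin.com/my-b2c.onmicrosoft.com/B2C_1_MyB2C_SignIn/oauth2/v2.0/authorize'
        + '?client_id=constructed&response_type=code&response_mode=form_post'
        + '&redirect_uri=https%3A%2F%2Fexample.com%2Fsignin-oidc&state=constructed&nonce=constructed' },
    response: { status: 200, cookies: [] } },
  { request: { method: 'POST', url: 'https://example.com/signin-oidc', cookies: [] },
    response: { status: 302, cookies: [] } },
];

function auditSignIn(entries, registeredRedirectUri) {
  const registered = new URL(registeredRedirectUri);
  const findings = [];

  // 1. redirect_uri in the authorize request is where B2C sends the user afterwards.
  const authorize = entries.find(e => new URL(e.request.url).pathname.endsWith('/oauth2/v2.0/authorize'));
  if (!authorize) return ['no-authorize-request'];
  const params = new URL(authorize.request.url).searchParams;
  if (params.get('redirect_uri') !== registered.href) findings.push('redirect-uri-differs-from-registration');
  if (!params.get('state')) findings.push('missing-state');

  // 2. Collect correlation cookies together with the host that issued each one.
  const issued = entries.flatMap(e => (e.response.cookies || [])
    .filter(c => c.name.startsWith(CORRELATION_PREFIX))
    .map(c => ({ name: c.name, host: new URL(e.request.url).host })));
  if (issued.length === 0) findings.push('no-correlation-cookie-issued');

  // 3. The callback request has to carry one of them back to the app.
  const callback = entries.find(e => new URL(e.request.url).pathname === registered.pathname);
  if (!callback) return findings.concat('no-callback-request');
  const sent = (callback.request.cookies || []).map(c => c.name);
  if (!issued.some(i => sent.includes(i.name))) findings.push('correlation-cookie-not-returned');
  const callbackHost = new URL(callback.request.url).host;
  if (issued.some(i => i.host !== callbackHost)) findings.push('cookie-issued-on-different-host');
  return findings;
}

console.log(auditSignIn(sampleEntries, 'https://example.com/signin-oidc'));
```

To run it against a real capture, pass `har.log.entries` from an exported HAR file; an empty result means the redirect_uri matched the registration and the callback presented a correlation cookie issued by the same host.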


  2. Matthew Scheetz 20 Reputation points
    2025-03-07T14:21:38.43+00:00

    I ended up getting a working solution:

    1. Added middleware to intercept requests to /signin-oidc and /MicrosoftIdentity/Account/Error and redirect back to home page
    2. Added empty razor page with path of /signin-oidc and /MicrosoftIdentity/Account/Error

    My home page auto redirects to /MicrosoftIdentity/Account/SignIn if the user is not authenticated.

    Any of the requests coming to /signin-oidc are not registered as authenticated, the home page redirects them to b2c login, and they are quickly returned to the home page and logged in.

    Good user path:

    1. Navigate to https://www.example.com
    2. User not authenticated and auto-redirected to b2c login
      1. Enter Credentials & 2FA
    3. Redirected and logged into https://www.example.com

    Troublesome user path:

    1. Navigate to https://www.example.com
    2. Auto-redirected to b2c login
      1. Enter Credentials & 2FA
    3. Redirected and not logged into https://www.example.com/signin-oidc
    4. Middleware redirects to https://www.example.com
    5. User not authenticated and auto-redirected to b2c login
      1. No inputs are required here
    6. Redirected and logged into https://www.example.com