Unable to sign in to Azure AD (SSO) protected ASP. net MVC app

Bhatu Patil 1 Reputation point
2020-05-10T19:48:19.317+00:00

I have developed a ASP.net MVC web app with Azure AD authentication (SSO) using OpenID token based authentication.
I developed and tested in on local machine and I was able to login aswell as get User details using Graph API.
But when I uploaded the same project to the production server it started giving signin errors.
I am able to sign in initially but when i try using other browser with other credentials it responds with 'We are unable to sign you in'
Sometimes it keeps bouncing between authentication page. Sometimes it gives Error 400: Bad header.
I don't understand why the same code runs fine at times and gets error rest of the time.!

8081-aad-auth-error.png

7986-login-error.png

Features used:
OpenId, MS Owin package, MS Graph API.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,389 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. soumi-MSFT 11,716 Reputation points Microsoft Employee
    2020-05-11T08:32:13.173+00:00

    @Bhatu Patil , If the issues are coming up after moving it to the production server, then it would be interesting to note down if there are any type of difference between the production and the dev environment, in terms of the versions of the libraries or dependencies being used there.

    If using old OWIN middleware version, likely it is hitting the Katana bug for OWIN middleware. You can read more on that here.

    https://github.com/aspnet/AspNetKatana/wiki/System.Web-response-cookie-integration-issues

    Also you can try referencing to the following link for more details:

    "https://blogs.aaddevsup.xyz/2019/11/infinite-sign-in-loop-between-mvc-application-and-azure-ad/"

    Disclaimer: This response contains a reference to a third-party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.

    Do let us know if that helps.

    If there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as "Answer" if the above response helped in answering your query.