The provided value for the input parameter 'redirect_uri' is not valid. Using Authentication/Authorization AAD

JOCO 26 Reputation points
2020-06-18T04:51:22.737+00:00

I'm using Authentication/Authorization from the App Service Settings. I already inputted my clientID which I created from App registration in Azure Active Directory and Issuer url as

https://login.microsoft.com/Tenant_ID/v2.0

Under my App Registration I set my redirect URLs as follows:

https://sample.azurewebsites.net/.auth/login/aad/callback
https://sample.azurewebsites.net/
https://sample.azurewebsites.net/menu/home

But I still get a redirect URI error:

We're unable to complete your request
invalid_request: The provided value for the input parameter 'redirect_uri' is not valid. The expected value is a URI which matches a redirect URI registered for this client application.


5 answers

  1. Vasil Michev 95,836 Reputation points MVP
    2020-06-18T06:33:50.127+00:00

    Well, are you adding the redirect URI as part of the token request? You can share the code sample.

    1 person found this answer helpful.

  2. soumi-MSFT 11,716 Reputation points Microsoft Employee
    2020-06-18T07:51:11.76+00:00

    @JOCO-1665, thank you for reaching out. The redirect URI is something that AAD needs to know so that once AAD is done preparing the requested token, it posts that token back to that redirect URI so that the application can consume it.

    Since I am not sure about the complete request that your application is sending, let me share a sample request with which you can test.

    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={client-id}&response_type=code&redirect_uri={redirect-uri}&response_mode=fragment&scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2F.default&state=12345

    This request uses the following scopes: openid, offline_access and https://graph.microsoft.com/.default. You can modify the scope as per your need and then try this request out. When you specify the redirect URI in this request, make sure that the same redirect URI is listed in the app registration too. If this request gets successfully submitted to AAD, you should receive a response in the following format:

    https://{redirect-uri}#code=xxxxxxx

    If this fails, do let us know the exact request that you are sending to AAD to fetch the code or the token so based on that we can help you further.

    Hope this helps.

    Do let us know if this helps, and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer if the above response helped in answering your query.


  3. Sean Killeen 356 Reputation points MVP
    2020-06-18T11:43:44.537+00:00

    Posting it here just in case it happens to be relevant or useful.

    I was getting this error despite using an out of the box template and setting things up as described.

    Turns out my application, which was in a container, needed to modify some additional steps (specifically, forwarding some headers) before things would work.

    I wrote it up in a blog post here: https://seankilleen.com/2020/06/solved-net-core-azure-ad-in-docker-container-incorrectly-uses-an-non-https-redirect-uri/

    Published it ahead of schedule in case you might find it useful.


  4. JOCO 26 Reputation points
    2020-06-19T01:01:29.557+00:00

    @soumi-MSFT

    Here's my login request:

    https://login.microsoft.com/{tenantid}/oauth2/v2.0/authorize?response_type=code+id_token&redirect_uri=https%3A%2F%2Fsample.azurewebsites.net%2F.auth%2Flogin%2Faad%2Fcallback&client_id={clientID}&scope=openid+profile+email&response_mode=form_post&nonce={some numbers that I dont know}&state=redir%3D%252F

    I just followed the steps under "Configure with advanced settings".

    https://learn.microsoft.com/en-us/azure/app-service/configure-authentication-provider-aad

    I have also tried the login request that you sent, but it causes a loop: even when I input my user and pass, it goes back to the login page again.


  5. Calvin Hsia 0 Reputation points Microsoft Employee
    2024-05-07T19:55:51.8933333+00:00

    I was getting this error seemingly randomly for my Blazor Azure Static web app. I was spending many hours over many weeks trying to figure out what this means.

    It would work sometimes in some browsers (desktop, Android), but not in others. I checked and double checked my redirect URIs in the app registration in Azure App registrations.

    I finally figured it out: the URL (perhaps through favorites/bookmarks/autocomplete) had “www.” as a prefix in the cases where this failed.

    Changing this to the URL without “www.” made it work. I’ve also removed the “www.” CNAME record from my Azure DNS Zone records.

     

    0 comments No comments
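Added example, not part of any answer in this thread: a small check that pulls the `redirect_uri` out of an authorize request and compares it with the registered list, flagging the near misses the answers above ran into (an `http` scheme sent from behind a container or proxy, a `www.` host prefix) plus a trailing-slash difference. It assumes the identity provider compares the value by plain string equality; the function names and the `TENANT_ID`/`CLIENT_ID` placeholders are made up for illustration.

```python
from urllib.parse import parse_qs, urlsplit

# Redirect URIs exactly as the question lists them in the app registration.
REGISTERED = [
    "https://sample.azurewebsites.net/.auth/login/aad/callback",
    "https://sample.azurewebsites.net/",
    "https://sample.azurewebsites.net/menu/home",
]
# Constructed request in the shape of the one posted in answer 4;
# TENANT_ID and CLIENT_ID are placeholders.
AUTHORIZE = (
    "https://login.microsoft.com/TENANT_ID/oauth2/v2.0/authorize"
    "?response_type=code+id_token&redirect_uri=https%3A%2F%2Fsample."
    "azurewebsites.net%2F.auth%2Flogin%2Faad%2Fcallback"
    "&client_id=CLIENT_ID&scope=openid+profile+email&response_mode=form_post"
)

def sent_redirect_uri(authorize_url):
    """Return the percent-decoded redirect_uri parameter, or None if absent."""
    values = parse_qs(urlsplit(authorize_url).query).get("redirect_uri")
    return values[0] if values else None

def strip_www(host):
    return host[4:] if host and host.startswith("www.") else host

def diagnose(authorize_url, registered=REGISTERED):
    """Return [] on a verbatim match, else (cause, registered_uri) near misses."""
    sent = sent_redirect_uri(authorize_url)
    if sent is None:
        return [("missing", None)]
    if sent in registered:  # assumption: plain string equality
        return []
    s, findings = urlsplit(sent), []
    for reg in registered:
        r, diffs = urlsplit(reg), []
        if s.scheme != r.scheme:
            diffs.append("scheme")  # e.g. http sent where https is registered
        if s.hostname != r.hostname:
            if strip_www(s.hostname) != strip_www(r.hostname):
                continue  # a different site, not a near miss
            diffs.append("www-prefix")
        if s.path != r.path:
            if s.path.rstrip("/") != r.path.rstrip("/"):
                continue  # a different path, not a near miss
            diffs.append("trailing-slash")
        findings.extend((d, reg) for d in diffs)
    return findings or [("unregistered", None)]
```

Paste the authorize URL from the browser's address bar or network trace into `diagnose`; an empty list means the value sent is registered verbatim, so the mismatch lies elsewhere.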