AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application

nyree williams 1 Reputation point
2020-06-30T13:27:47.717+00:00

Hello
I am trying to set up a Moodle login via the Azure portal but I get this error message:
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application:
Can anyone tell me how to fix this (Please)?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,541 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Marilee Turscak-MSFT 36,246 Reputation points Microsoft Employee
    2020-07-01T15:50:36.997+00:00

    Hi @nyree williams ,

    Please make sure that you have registered the application and included in your app registration a reply URL that matches the URL that you have configured in the application settings or config. The URL where you direct your users needs to match exactly what you have in your app.

    I read that for Moodle it should be: https://moodle.collegeaddress.net/auth/oidc/

    Right now there's an open bug with Moodle where in some cases it is not verifying the reply URL but I see there was a pull request made this morning to fix that. The developer also said that this should not affect your setup (as all it does in that case is verify that the parameters are correct). This would not throw the error you mentioned but if you see the "Could not check reply url" message that would be why. https://github.com/Microsoft/o365-moodle/issues/1092

    If you still have this issue feel free to share a screenshot of your app registration setup and I will be happy to help.

    3 people found this answer helpful.
    0 comments No comments

  2. Shashi Shailaj 7,581 Reputation points Microsoft Employee
    2020-07-01T16:12:05.907+00:00

    Hello @nyree williams ,

    You get this error when the redirect URI value in your Moodle configuration is not same as the reply URL you have configured within the app registration that you have created for Moodle in your azure AD instance. The reply URL is a property on any Azure AD application object which defines the URL where the Azure AD auth system will send the authentication response on the application side.

    In your case you would have Moodle application URL and you would have setup the Azure AD plugin there. The plugin has Oauth open ID configuration which is the most common way to connect . You can check in Moodle > Settings > Plugins > Authentication > OpenID connect where generally Azure AD auth plugin is registered . Within this you would find the redirect URI . This is the value you have to set in Azure AD tenant where-ever you have created the application registration for moodle. I will provide a screenshot for example below. This is the section where you need to provide the URL exactly same as Redirect URI in your Moodle OIDC configuration. If you are using some other plugin or SAML based plugin you would need to check that within your moodle config and use the respective URL which will denote the section of your application which will process the auth response (tokens for the logging in user. )

    11142-appreg.jpg

    Hope the information helps. In case the answer helps please do accept the post as answer so that it is helpful to other members of the community as well. I have linked two article which will provide you more insights on this. Please let me know if this helped. If I have misunderstood your query or this is ot helping please provide detailed screenshots of your configuration and we will be happy to help further.

    Thank you.

    3 people found this answer helpful.
    0 comments No comments