Is it possible to change an app service authentication flow's redirect URI so that login flow does not attempt to redirect the user directly to the underlying app service?

Andy Badera 1 Reputation point Microsoft Employee
2020-07-08T19:08:44.583+00:00

We have:

  • a .NET Framework 4.7 ASP.NET application
  • hosted as an app service in Azure
  • fronted by Front Door
  • using Authentication and Authorization features to specify company Azure AD config
  • The app reg redirect URI is set to the Front Door URL.
  • The app service allowed external redirect URL is set to the Front Door URL.

After users authenticate, they are being redirected back to the app service URL, rather than the Front Door URL Is there some other means I'm missing by which we can force the redirect URI to point to Front Door rather than the app service?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,362 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,539 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. 2020-07-09T14:16:37.547+00:00

    Yes it's possible. For that you need a custom domain configured at both the app service apps and the frontdoor frontend. Also, in the frontdoor backend pool you need to add the custom domain as headers sent to each backend (app service) and enable/select the custom frontend (domain) for routing and finally, as you already did, register the custom domain based callback URL as an app registration reply URL.

    1 person found this answer helpful.

  2. Manish Pandey 1 Reputation point
    2020-12-05T15:06:56.03+00:00

    For Webapp verification use TXT record and map cname entry to FrontDoor