This error occurs when the redirect URI/reply url in the authentication request doesn't match with the redirect uri(s) registered in the application registered in Azure AD. In order to troubleshoot this error, you need to follow below steps:
Setup:
• Download and install Fiddler from here: https://www.telerik.com/fiddler
• Follow these instructions to enable HTTPS capture: https://docs.telerik.com/fiddler/configure-fiddler/tasks/DecryptHTTPS (do step 1 and 2)
To get traces:
• Start fiddler (it will start capturing)
• Repro the issue.
• Stop fiddler capturing by hitting the F12 key.
Look for the traffic to login.microsoft.com, specifically for Authorize and/or Token endpoint as highlighted below:
On the right pane, notice the redirect_uri under Inspectors > WebForms tab, as highlighted below:
Once this is identified, you need to navigate to:
Azure Portal > Azure Active Directory > App Registrations > Search and open the application > Authentication > Under Redirect URIs, make sure that the redirect uri highlighted above matches with one of the registered redirect uri.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.