Azure GateWay SAML Authentication Error

2021-10-01T18:48:29.243+00:00

When using SAML and as an Azure IDP, we have the following situation:
2 Servers for high availability that are balanced by an Azure Gateway.

When trying to access the url generated by the gateway e.g.
https://servidorbalanceado.red.empresa.com.co, it tries to authenticate with SAML, but returns the following error:

AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application:

https://servidorbalanceado.red.empresa.com.co/shibboleth

But if I try to log in, using each of the servers, if I succeed in connecting to

https://servidor1.red.empresa.com.co
https://servidor2.red.empresa.com.co

I ask for your help, because I think the problem is in the way the gateway makes the call of the balanced url's, but I don't know how to solve it.

Thanks

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
627 questions
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,008 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,514 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. ChaitanyaNaykodi-MSFT 24,486 Reputation points Microsoft Employee
    2021-10-02T03:37:48.997+00:00

    HEllo @Yackeline España Arevalo (DCA TECHNOLOGY LTDA) , Thank you for reaching out. Can you please provide more details on how the listeners is configured in your scenario? Also have you set any URL rewrite rules in this scenario?
    I think the host name of request being sent from application gateway to your backend is wrong. Can you please check what is the hostname received in backend? if there is a mismatch can you please configure the host name in AAD as mentioned here.

    0 comments No comments