Grant consent for Dynamics API

Question

Request Id: 12246926-edd7-47c5-b63c-546d35912000

Correlation Id: 938375e3-52ab-420d-8e7d-20de6a11d68b

Timestamp: 2026-05-11T04:27:09Z

Message: AADSTS50011: The redirect URI 'https://businesscentral.dynamics.com/OAuthLanding.htm' specified in the request does not match the redirect URIs configured for the application 'D789F11A-4067-44FC-85B5-0B9D3FC49C27'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.

Answer 1

Hi @Ken Zhang

Thank you for reaching out to Microsoft Q&A.

AADSTS50011 is telling you that the redirect URI your app is sending in the OAuth request doesn’t exactly match any of the redirect URIs you’ve configured in Azure AD. Redirect URIs are case-sensitive and even a missing or extra slash will make them “not match.” Here’s how you can fix it:

1. Go to the Azure portal > Microsoft Entra ID > App registrations > select your app (D7xxxxxxxxxxxx27).
2. In the left menu choose Authentication (Preview) (or “Authentication” in the old portal).
3. Under Redirect URI configuration, click + Add a platform or + Add Redirect URI.
4. Paste the exact URI your error mentions -https://busixxxxxxxxxx making absolutely sure the casing and any trailing slash match 100% what your app is using.
5. Click Save.
6. If you’re asking an admin to consent tenant-wide, go to App registrations > API permissions > Grant admin consent (or Enterprise applications > [Your app] > Permissions > Grant admin consent for ).

Once the URI in Azure AD matches exactly what your app sends, the redirect error will go away, and you’ll land back in Business Central as expected.

Answer 2

The error AADSTS50011 occurs because the redirect URI in the consent request must match exactly one of the redirect URIs configured on the app registration.

To grant consent for the Dynamics API, ensure the following:

1. Identify the exact redirect URI used by the consent request
   • From the error: https://businesscentral.dynamics.com/OAuthLanding.htm
   • Note the full string including casing, path, and trailing slash (or lack of it).
2. Configure this redirect URI on the app registration
   • In Microsoft Entra admin center, open the app with ID D789F11A-4067-44FC-85B5-0B9D3FC49C27.
   • Go to Authentication.
   • Under Redirect URI configuration, add a Web redirect URI that matches exactly the URI used in the request, for example:
     • https://businesscentral.dynamics.com/OAuthLanding.htm
   • Remove any unused or incorrect variants (for example, different casing or an extra trailing slash) from the production registration to avoid confusion.
   • Select Save.
3. Retry the consent flow
   • Trigger the consent again (for example, via the Dynamics/Business Central experience or a manually built consent URL).
   • Because the redirect URI now matches one of the configured URIs, the Microsoft Entra authorization server will complete the sign-in and consent instead of returning AADSTS50011.

If using OAuth 2.0 authorization code flow or OpenID Connect for this Dynamics integration, a redirect URI is required and must be pre-registered on the app as described above.

---

References:

• How to add a redirect URI to your application
• Redirect URI (reply URL) outline and restrictions
• The Business Central Admin Center API
• Configure Microsoft Entra authentication with WS-Federation
• Authenticate your API and connector with Microsoft Entra ID
• Error AADSTS650056: Misconfigured application