redirect uri returns wrong uri

Søren Brønsted 21

In Azure AD for out Company (borsen.dk)

on App > Authentication > Platform configurations > Web > Redirect URIs

I have configured 2 redirect uri for 2 different environments - test and production, but every time I login from the test environment the AAD redirects to the production environment even though the redirect url parameter is the url to the test environment. If I remove the production environment, it works.

Any explanation on this odd behavior?

James Hamil 21,466 Reputation points Microsoft Employee

2022-01-24T23:08:23.803+00:00

Hi @Søren Brønsted , this is odd indeed. Do you have any references in code to your redirect URIs?
Søren Brønsted 21 Reputation points

2022-01-25T09:04:52.317+00:00

Hi @James Hamil . Thank you for your quick response. Yes in the callback url parameter.
James Hamil 21,466 Reputation points Microsoft Employee

2022-01-25T23:38:59.883+00:00

Have you tried hard resetting and clearing the cache in your browser?
Søren Brønsted 21 Reputation points

2022-01-26T08:48:58.603+00:00

I can see that the location header in devtools has the wrong url from AAD

2 answers

James Hamil 21,466 Reputation points Microsoft Employee

2022-02-01T20:37:59.04+00:00

Hi @Søren Brønsted ,

I understand that you are being directed to the wrong URL. You need to specify the redirect URI in the login URL and specify where the user and authorization code should be redirected. If you don't specify a Redirect URI in the Login URL, the user will be redirected to the first URL specified in the app's registration.

To resolve this, you can follow the example in the Authorization Code Grant Flow documentation to specify the Redirect URI:

https://login.microsoftonline.com/{tenant}/oauth2/authorize?
client_id=xxxxxx
&response_type=code
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&response_mode=query
&resource=https%3A%2F%2Fservice.contoso.com%2F
&state=12345

Otherwise you could list the URL that you want as the first one in the registration.

Let me know if you have further questions.

Additional reading: https://stackoverflow.com/questions/46917919/azure-ad-reply-url-how-to-add-several-urls-when-using-openid-connect-auth
Please sign in to rate this answer.
Søren Brønsted 21 Reputation points

2022-02-02T07:50:34.277+00:00

I known all this, but I am not redirected to the redirect_url I provide and which is configured in AAD. Instead AAD redirects to another random configured url. Eg:

In AAD I have configured 2 redirects url: https://nowhere1.com and https://nowhere2.com. When I call AAD with redirect_url=https://nowhere2.com it redirects to https://nowhere1.com. If I remove https://nowhere1.com from AAD, then it correctly redirects to https://nowhere2.com.

James Hamil 21,466 Reputation points Microsoft Employee

2022-03-22T23:13:06.057+00:00

Hi @Søren Brønsted , really really sorry in the response delay. Can you please share your request? you may be entering redirect_url= instead of redirect_uri=

Dzenan 45 Reputation points

2023-03-22T10:02:47.3933333+00:00

This also applies to B2C. It does not always respect the redirect_uri parameter when handling the authentication request @jameshamil-msft.

To reproduce:

Create app reg with 1 uri

Log in with app using first uri

Add a second uri

Log in with app using second uri (fails)

sebsan 5 Reputation points

2023-06-13T06:23:30.4966667+00:00

I am having the same issue. I was playing around with redirect uris in a Azure AD B2C app registration. Thr reason being that we are adding support for multiple login providers, both Azure AD B2C and Azure AD.

One redirect uri that I removed keeps coming back when I try to log in using this app registration. So it seems to have been cached or stuck in there somehow. Luckily this is in our dev environment but it makes me worried about bringing these changes to production.

Jörg Krause 10 Reputation points

2023-08-02T21:01:28.6866667+00:00

It seems to be timing issue. After changing the redirect uri it takes up to 5 min to change the actual value. In that period, which varies, the wrong url is used on reply.

As a general rule in Azure: EVERYTHING is async and might be delayed, even if it looks like done after save operations.

Julio Perez 0 Reputation points

2023-10-21T05:05:06.8366667+00:00

I confirm that for me was a timing issue. I had to wait up to 10-15 minutes.
Sign in to comment
Tatyana Kudryavtseva 0 Reputation points

2023-10-12T19:08:03.5366667+00:00

https://partneruniversity.microsoft.com/?whr=uri:MicrosoftAccount
Please sign in to rate this answer.

0 comments No comments
Sign in to comment