"domain.com" and "domain.com/admin" each need to have a Redirect URI. It appears to me that "domain.com/admin" does not have a redirect URI set.
Azure B2C authorize loop in sub-application
I'm currently using Azure B2C to authenticate a series of .NET 6 server-side Blazor apps and Web APIs. In IIS, the apps are set up as follows:
domain.com
domain.com/admin
domain.com/api1
domain.com/api2
domain.com/api3
If a user logs into domain.com and then navigates to domain.com/admin, /admin gets caught in an infinite authorize loop with Azure B2C. Then, if you browse back to domain.com and log out, you can navigate back to /admin and currently be signed in.
However, if you log into /admin first and navigate to domain.com, you will be successfully logged in. Then, if you navigate back to /admin, you get stuck in an auth loop again.
I have verified that the only difference between the 2 access tokens is the audience and the timestamps issued (of course). In B2C, I have both web applications set to accept access tokens from any app authorizing with the B2C domain.
I have also tried setting up my cookies with settings from here: Cookie Sharing.
Logging into domain.com then logging into /admin causes the loop. Then, if I log out of domain.com and navigate back to /admin, the loop stops and I'm authenticated.
Dev tools show zero errors and from what I can tell in code, it appears like I am authenticated.
Any help/guidance I can get would be greatly appreciated.
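The symptoms in the question depend on which cookies each IIS application receives, so as an added example (not code from the post) here is the RFC 6265 path-match rule applied to the layout above. The cookie name, the paths `/` and `/admin`, and the jar contents are assumptions constructed for illustration; compare them with what dev tools show for domain.com.

```javascript
// Added example: which cookies a browser attaches to a request, per the
// RFC 6265 path-match rule. Cookie names, paths and values are constructed.

// RFC 6265 section 5.1.4: cookiePath matches requestPath when they are equal,
// or cookiePath is a prefix ending in "/", or the next request char is "/".
function pathMatches(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Returns the cookies sent for requestPath, longest path first (section 5.4).
function cookiesSent(jar, requestPath) {
  return jar
    .filter((c) => pathMatches(requestPath, c.path))
    .sort((a, b) => b.path.length - a.path.length);
}

// Which IIS application issued each cookie the target app will receive.
function issuersSeenBy(jar, requestPath, cookieName) {
  return cookiesSent(jar, requestPath)
    .filter((c) => c.name === cookieName)
    .map((c) => c.issuer);
}

// Constructed jar: assumed state after signing in to both apps.
const NAME = "auth-cookie"; // hypothetical shared cookie name
const jar = [
  { name: NAME, path: "/", issuer: "root app", value: "<ticket-root>" },
  { name: NAME, path: "/admin", issuer: "admin app", value: "<ticket-admin>" },
];

console.log("GET /       ->", issuersSeenBy(jar, "/", NAME));
console.log("GET /admin  ->", issuersSeenBy(jar, "/admin/users", NAME));
console.log("GET /api1   ->", issuersSeenBy(jar, "/api1/items", NAME));
// After signing out of the root app only the /admin-scoped cookie remains.
const afterRootLogout = jar.filter((c) => c.path !== "/");
console.log("GET /admin after root logout ->",
  issuersSeenBy(afterRootLogout, "/admin/users", NAME));
```

Under these assumptions a request to /admin carries both cookies while a request to the root carries only the root one, which is the asymmetry to look for in the browser's cookie store.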