are redirect urls ignoring port

drdamour 11 Reputation points

asked at and directed here

when you setup redirect urls, is the port number considered? I've noticed that i only put my localhost:5001 kestral url but if i switch to IIS express on 43215 everything works without issue as well as if the port is totally ignored.

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,519 questions
No comments
1 vote

4 answers

Sort by: Most helpful
  1. Marilee Turscak-MSFT 22,286 Reputation points Microsoft Employee

    They are not ignoring the port. Each URL with a different port should be distinct. My guess is that you have two URLs registered for the application. If that is the case the Azure portal may do this change for you.

    If you only had one URL registered you would get an error about an invalid reply url.

    Check under the registration for that application to see if you have both URLs registered.


  2. Hirsch Singhal [MSFT] 11 Reputation points

    Just a heads up here - Azure AD follows the OAuth 2.0 spec here, which states that specifically for loopback redirects an exact match is required except for the port URI component on localhost requests. It is expected that on localhost you can choose any port. We will look into updating the portal to make this more obvious and not allow localhost port components.

  3. Manoj Rai 1 Reputation point

    Hi I am having some trouble redirecting back to application once authentication is completed. I have a redirect URL
    but when azure redirects, it does to

    I check while signing in the MS login page, the redirect url has redirect parameter and after login it does take to but my debug gets error
    "The response was received at instead of "

    I have no idea whats happening, any suggestions ??

  4. Alon Bar-Lev 0 Reputation points

    Hi @Marilee Turscak-MSFT,

    I bumped into the same issue.

    Registered redirect URLs:

    • http://localhost:8000
    • http://localhost:8001

    When I specify redirect_url=8000 the IDP redirects back to 8001, this is not expected behavior, the redirect_url URL should be used.

    The current behavior is [probably]:

    1. Verify that redirect_url matches one of the registerd application URLs
    2. Select random redirect_url out of the approved application URLs (probably the last)
    3. Redirect to URL selected by (2)

    Expected behavior:

    1. Verify that redirect_url matches one of the registered application URLs
    2. Redirect to URL specified in (1)

    Rational: The application may run multi-instance or crash in which the port is already allocated, we would like to use port range in order to allow redundency/concurrency.

    Please let me know if there is a better forum to discuss this.