locked
Using WebAuthenticationBroker.AuthenticateAsync, getting "AuthHost disallowed UrlAction: 0x2301 for URL"

    Question

  • I'm using WebAuthenticationBroker.AuthenticateAsync with a third party OAuth Api.

    Everything is setup correctly, including the start and end uris, something like this -

      start uri: https://api.MYDOMAIN.com/oauth/authorize?client_id...
      end uri: https://localhost

    The UI works fine - I am asked to login and it redirects properly.

    Unfortunately, the UI never closes, so after digging in I enabled logging as described here:

      http://msdn.microsoft.com/en-us/library/windows/apps/xaml/hh750287.aspx

    After looking at the logs, I am seeing the following error:

      AuthHost disallowed UrlAction: 0x2301 for URL: <https://www.MYDOMAIN.com/oauth_callback.html>.

    oauth_callback.html is the page that eventually does redirect to to https://localhost (redirect uri / end uri).

    Why is "AuthHost" disallowing the "/oauth_callback.html" UrlAction?

    Is it because the start uri starts with "https://api.MYDOMAIN.com/...", while the disallowed url action starts with "https://www.MYDOMAIN.com/..." ('www' instead of 'api')

    How can I make it allow the action on https://www.MYDOMAIN.com/oauth_callback.html?

    Thanks.
    Emmanuel


    Saturday, October 18, 2014 6:15 PM

All replies

  • Use the following link to find more information about your issue.

    http://msdn.microsoft.com/en-us/library/gg130952(v=vs.85).aspx

    Monday, October 20, 2014 3:19 PM
  • Wowwery.net, I don't see how a link to debugging network traffic in IE could help troubleshoot the issue.  The WebAuthenticationBroker runs in WinRT applications - and I've already produced the error from the event viewer logs.

    Not sure if this is just spam to wowwery.net, so I'm misspelling it on purpose. :)

    Monday, October 20, 2014 4:29 PM