locked
Asp.net app and Azure AD authentication RRS feed

  • Question

  • User1248386638 posted

    Hi, I used the built in Visual Studio 2015 template to create a webform application and enabled Azure AD Work/School account authentication. Good news is everything works like a charm in LocalHost (when running locally). When I push it my Azure App (in Azure), when I try to authenticate, it gives me an error. The error is below -

    Additional technical information:
    Correlation ID: 58a37062-523c-4538-bb97-db54ad9492bd
    Timestamp: 2016-03-03 01:47:05Z
    AADSTS50011: The reply address 'http://mydomainnamehere.com' does not match the reply addresses configured for the application: d6709cb1-8687-4560-97c4-1247dd67fe3e.

    I could not find any place where to update the reply address. I googled on this error but no one seem to have my issue. Note, my app is not MVC nor have I enabled Autherization/Authentication using Azure portal. Finally, everything works just fine if I use localhost.

    Thursday, March 3, 2016 1:49 AM

Answers

  • User-646145796 posted

    Hi,

    If upload the application to Azure Web App, please change the following:

    1) Click into Azure Active Directory, find your application, change "SIGN-ON-URL" into the real sign in URL

    2) Change "REPLY URL"

    3) Check the Web.config of your Web app, ensure the ida:PostLogoutRedirectUri is right.

    Hope this help.

    Best Regards,

    Jambor

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, March 3, 2016 3:07 AM

All replies

  • User-646145796 posted

    Hi,

    If upload the application to Azure Web App, please change the following:

    1) Click into Azure Active Directory, find your application, change "SIGN-ON-URL" into the real sign in URL

    2) Change "REPLY URL"

    3) Check the Web.config of your Web app, ensure the ida:PostLogoutRedirectUri is right.

    Hope this help.

    Best Regards,

    Jambor

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, March 3, 2016 3:07 AM
  • User1248386638 posted

    Jamobar,

    Thank you! I actually do not have access to the Azure Active Directory setting. I am using the school domain for example ucla.edu I only have one valid account with that domain. I did not setup any Azure Active Directory if any kind. I simply used the wizard in visual studio to create the application. Like I said, everything works but only in localhost. The settings for ida:PostLogoutRedirectUri  is correct.

    Thank you.

    Thursday, March 3, 2016 4:01 AM
  • User1248386638 posted

    Here is my web.config

    <add key="ida:ClientId" value="actualcodeishere"/>
    <add key="ida:AADInstance" value="https://login.microsoftonline.com/"/>
    <add key="ida:Domain" value="myschool.edu"/>
    <add key="ida:TenantId" value="actualcodeishere"/>
    <add key="ida:AudienceUri" value="mydomain"/>
    <add key="ida:PostLogoutRedirectUri" value="http://mydomain.com"/>

    Thursday, March 3, 2016 4:06 AM
  • User-646145796 posted

    Hi,

    >> I actually do not have access to the Azure Active Directory setting

    We need to change some settings in Azure Active Directory. As I know we can not change this from the wizard in visual studio. So I would suggest you contact with your azure subscription administrator to do these change.

    Best Regards,

    Jambor

    Thursday, March 3, 2016 6:45 AM
  • User1248386638 posted

    Thanks. So what would the reply address needs to be? The root of the domain?

    Thursday, March 3, 2016 9:10 PM
  • User-646145796 posted

    The Reply URL is a Physical address for your app to which Microsoft Azure AD will send SAML authentication tokens for authenticated users.

    Friday, March 4, 2016 1:40 AM