
I've set up my SharePoint 2013 on-prem site to accept authentication from Google and Windows Live. Windows Live login works for the most part. I've set up an ACS in Azure where I've specified the return URL after the user signs in. I have entered the same return URL in the Google Developers Console.

However, after the user logs in to their Google account, they get the following error:

Error: redirect_uri_mismatch

Application: Test

You can email the developer of this application at: myemailaddress@copmany.com

The redirect URI in the request: https://mysite.accesscontrol.windows.net:443/v2/openid did not match a registered redirect URI.

Can anyone tell me what I am doing wrong here, especially since the return URLs are the same in Google Developers Console > Credentials, as well as Azure ACS > Relying party applications?

Edit: The redirect URL is https://subdomain.mydomain.com/_trust in both Google Developers Console and Azure ACS.

Thanks!

Sid

1 Answer


You'll note the page is being served by Google (with its little broken robot thingy). So the problem is at their end.


Though it's not actually a problem but rather a security measure, in that you have to explicitly enable the redirect URL. Otherwise some level of hijinks may ensue, at your expense.

So you need to log into your Google developer console and add the redirect URL of your Azure ACS account (not your web app / relying party) to the permitted redirect URLs.


So the image above is obviously after I had already entered the redirect URL. Click the edit button and add it on a separate line.


And you're done.

Otherwise, judging by your edit, it looks as though you have simply used the wrong URL. You use the ACS callback URL, not your website URL, as the flow goes back through ACS, which reissues the token in its own format.

rism
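An added example, not part of the original question or answer: a small diagnostic that pulls `redirect_uri` out of an authorization request and reports how it differs from each registered URI. It uses the two URLs quoted on this page; the `idp.example` request URL, the `client_id` value and the function names are constructed for illustration, and exact string comparison by the provider is an assumption of the sketch.

```python
from urllib.parse import urlsplit, parse_qs

DEFAULT_PORTS = {"https": 443, "http": 80}

# Constructed sample request: the identity provider host and client_id are placeholders.
SAMPLE_REQUEST = ("https://idp.example/authorize?client_id=EXAMPLE&response_type=code"
                  "&redirect_uri=https%3A%2F%2Fmysite.accesscontrol.windows.net%3A443%2Fv2%2Fopenid")
# What the question says was registered (the relying party URL, not the ACS endpoint).
REGISTERED = ["https://subdomain.mydomain.com/_trust"]

def requested_redirect_uri(auth_request_url):
    """Return the decoded redirect_uri parameter of an authorization request, or None."""
    values = parse_qs(urlsplit(auth_request_url).query).get("redirect_uri")
    return values[0] if values else None

def _parts(uri):
    u = urlsplit(uri)
    return {"scheme": u.scheme.lower(), "host": (u.hostname or "").lower(),
            "port": u.port, "path": u.path}

def diagnose(requested, registered):
    """Exact string match first (assumed provider behaviour); else list what differs."""
    if requested in registered:
        return {"match": True, "differences": {}}
    req = _parts(requested)
    differences = {}
    for entry in registered:
        reg = _parts(entry)
        diff = [k for k in ("scheme", "host", "path") if req[k] != reg[k]]
        if req["port"] != reg["port"]:
            # An explicit ":443" and an omitted port name the same endpoint,
            # but they are different strings under exact comparison.
            req_port = req["port"] or DEFAULT_PORTS.get(req["scheme"])
            reg_port = reg["port"] or DEFAULT_PORTS.get(reg["scheme"])
            diff.append("port-notation" if req_port == reg_port else "port")
        differences[entry] = diff
    return {"match": False, "differences": differences}

if __name__ == "__main__":
    print(diagnose(requested_redirect_uri(SAMPLE_REQUEST), REGISTERED))
```

Copying the URI exactly as it appears in the error message, including the `:443`, avoids the `port-notation` case.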