2

I'm trying to set up a local Django app which uses Azure Active Directory for authentication. I went through this quick start using the django_microsoft_auth library for backend authentication. I registered a new app on Azure and set the URI to http://localhost:8000/microsoft/auth-callback/. This is the same port which is used for the other pages like the admin page.

When I try to login via Azure AD, I get the following error message:

AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application

Only few other threads with this problem exist and there hasn't been a real solution yet using this library. Does anyone know a solution to this problem?

Hussa
  • 131
  • 2
  • 9

2 Answers2

2

I have answered similar questions before, and there is a general solution to the problem of not match, which is simple, effective and not easy to make mistakes:

When you visit the application url , you will be redirected to the login page. Decode the authorization request URL, you will find redirect_uri, copy the value of redirect_uri and paste it into the azure portal, and try again.

enter image description here

For the redirect URL, it should start with https, if you need to start with http, you must configure it as http://localhost.

Carl Zhao
  • 8,543
  • 2
  • 11
  • 19
  • Sorry for contacting you like this - but I'm hopeless :) Can you take a look at my recent question about Django AD integration (https://stackoverflow.com/questions/66043316/django-microsoft-ad-authentication) I just can't set this properly. – dev.ink Feb 04 '21 at 14:18
  • I had this issue too. What I did to solve it was in portal.azure.com Home > My Application Example | Authentication was set Web Redirect URIs to http://localhost:8000/microsoft/auth-callback/ (NOTE THE TRAILING /) – Red Cricket Jun 08 '21 at 18:38
1

The error message is fairly clear. Your application needs to be registered under your AAD tenant and whatever you enter for the reply URL/Redirect URI in your code needs to match what you have set in the tenant. Please refer to a similar question here.

Hari Krishna
  • 2,372
  • 2
  • 11
  • 24
  • I didn't change the request URL in the code, therefore the two URLs should be the same as described in the documentation. The tenant and client IDs and secrets are set accordingly. – Hussa Dec 15 '20 at 18:57
  • 1
    Please try encoding the URL in the code and let me know the issue is fixed. – Hari Krishna Dec 15 '20 at 19:00
  • The transmitted value for the URL is "redirect_uri=http%3A%2F%2Flocalhost%3A8000%2F%2Fmicrosoft%2Fauth-callback" But it still doesn't work. – Hussa Dec 15 '20 at 19:50
  • 1
    Hi @Hussa,The above URL is incorrect.It is decoded as `http://localhost:8000//microsoft/auth-callback` which has `//` before `microsoft`.Please fix the url and let us know the update. – Hari Krishna Dec 15 '20 at 19:57
  • Thank you for the hint! There was a trailing slash in the domain name in the database which must have caused the problem. Occasionally the URL didn't contain any / before 'microsoft' without the trailing slash in the db entry. But now it works fine! – Hussa Dec 15 '20 at 20:28