0

I have created a MS Azure App Registration for an application that uses the MS Identity Platform. It works. I can login with my MS identities. Access tokens are created, and I can use them to access my API.

However, this is the case only when I run in a localhost environment. When I run it using a real domain on a live server, the access token is created, but two callbacks are received from login.live.com. An example from my logfile follows. Text was removed from each line to keep the clutter down.

2021-08-20 17:57:16 POST /OAuth/ - 443 - XXX.XXX.XXX.XXX  https://login.live.com/ 302 0 0 1223
2021-08-20 17:57:16 GET / - 443 - XXX.XXX.XXX.XXX https://login.live.com/ 304 0 0 198

The first is correct, but it never executes, because the second overrides it and my browser is redirected to another page at the root of the application. How can i fix it?

I don't want that second response from Microsoft. My browser is actually displaying the page at / instead of the page at /OAuth/.

My application is an ASP.Net MVC 5 application running .Net Framework 4.7.2. I'm using Microsoft.Identity and OWIN. As I said, everything works, but I'm getting two responses from Microsoft.

One thing I tried was removing the localhost redirectUri from the App Registration. That wasn't the problem. I put it back in.

Dennis Kozevnikoff
  • 2,078
  • 3
  • 19
  • 29
Rob Galante
  • 21
  • 4

1 Answers1

0

The MS Identity platform is sending two replies. But it is doing so because of the way I defined the redirect Uri in my Azure App Registration. In the Azure App Registration Authentication page, you define one or more redirect Uris. I defined mine as follows.

https://example.com/OAuth/

Notice the trailing slash. I had to remove that. I read the following document several times but I missed this requirement.

Redirect URI (reply URL) restrictions - Microsoft Identity Platform

Redirect Uris containing a path segment do not append a trailing slash.

Rob Galante
  • 21
  • 4