Overview

When you deploy an Azure Active Directory application that was working great locally you may get the following error when logging in:  AADSTS50011: The reply address ‘http://<yourwebapp>.azurewebsites.net/signin-oidc’ does not match the reply addresses configured for the application: ‘c8a23e63-b4e3-4d10-9cf8-0fca55207424’. More details: not specified

This error would be specific to Azure App Services authentication (Easy Auth)

AADSTS50011: The reply address ‘https://<yourwebapp>/.auth/login/aad/callback’ does not match the reply addresses configured for the application: ‘c8a23e63-b4e3-4d10-9cf8-0fca55207424’. More details: not specified 

How to fix this

This error says it all!  When you deploy your Active Directory Web app to Azure you need to ensure you add this URL to the Azure Active Directory application (or have someone with the permissions to manage you application in AD to this for you).

Go to the Azure portal: https://portal.azure.com sign in and click on the Azure Active Directory icon on the left. Then click on the ‘App registrations’ icon in the middle pane.  In the search box enter the application from the error message and choose ‘All apps’ from the dropdown:

 appregistration

Click on your application, then the Settings icon, select the ‘Reply URLs’ from the list.  Paste in the name of the reply URL from the error message you had and ‘Save’:

capture20180130145337489

Now you should be able to login with out that error message!

Conclusion

Just a quick blog but I hope it saves you some time!

Comments (4)

    • Jeff Sanders

      Reply

      This is from ADAL not Azure AD. That is simply the design of the library.

  1. Naveen Eedi

    Reply

    Hi Jeff,
    We are integrating salesforce with power BI. Facing below issue
    AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application: ‘3d6e8944-5ce8-4c93-8c08-fd626ff05cf6’.
    As per your blog i understood how to fix this issue. But i don’t have access to azure active directory.
    Queries
    ———
    1) Only administrator of that directory can add reply url.
    2) If for suppose administrator has included me in that directory. Can i view directory home page with read access.
    3) we have registered application in “https://dev.powerbi.com/apps”. The same application do we need install/register in azure active directory by providing reply url. Please correct me if am wrong
    Thanks in Advance
    Regards
    Naveen

    • Jeff Sanders

      Reply

      Hi Naveen,
      You need appropriate permissions in your subscription to make these changes. That can be assigned as a role by the subscription admin or owner. I do not know how PowerBI registration works, but I assume it is registered in the tenant and so you can apply the same logic in this blog to the power bi apps

Leave a comment

Your email address will not be published. Required fields are marked *