编辑清单以启用availableToOtherTenants后,Azure AD错误 [英] Azure AD Error after editing manifest to enable availableToOtherTenants
问题描述
我们正尝试将Web应用程序和Web API部署到与我们的公司Azure AD帐户关联的新Azure订阅.但是,当我们尝试修改Azure AD清单以启用多租户标志"availableToOtherTenants"并在WebAPI清单中设置WebApp的"knownClientApplications"客户端ID时,尝试上载它们后会出现以下错误:
We are trying to deploy are web application and web API to a new Azure subscription associated with our corporate Azure AD account. However, when we attempt to modify the Azure AD manifest to enable the multi-tenant flag "availableToOtherTenants" and set the "knownClientApplications" client ID of our WebApp in our WebAPI manifest we get the following error after attempting to upload them:
ParameterValidationException=Invalid parameters provided; BadRequestException=Host name in property identifierUris is not on any verified domain of the company or its subdomain
webapp和webapi都是AzureAD中的App Services,它们都使用.azurewebsites.net作为清单中的identifierUris.我们不打算为这些服务注册域名,因为这些服务仅用于内部测试.应用程序部署的订阅似乎与应用程序在Azure AD中注册的目录相关联,那么为什么这些Uris会出现问题?
Both the webapp and webapi are App Services in AzureAD and are using the .azurewebsites.net as the identifierUris in their manifests. We were not planning on registering a domain name for these services since these services are just for internal testing. The subscription the apps are deployed does appear to be associated with the directory the apps are registered in Azure AD, so why would it have a problem with these Uris?
推荐答案
从管理门户中的App ID URI的帮助程序文本中:
From the helper text for App ID URI in the management portal:
URI用作应用程序的唯一逻辑标识符. URI 必须在经过验证的自定义域中,外部用户才能向您的应用授予对其在Microsoft Azure AD中数据的访问权限
话虽如此,由于App ID URI没有任何功能上的含义,因此您仍然可以通过将App ID URI设置为类似以下内容来进行测试:
That being said, since the App ID URI doesn't have any functional implications, you should still be able to do your testing by setting your App ID URI to something along the lines of:
http://<localhost_or_whatever>.<tenantName>.onmicrosoft.com
但是请保持您的回复URL指向您的.azurewebsite.net URI.
But keeping your Reply URLs as they are pointing to your .azurewebsite.net URIs.
这应该使您能够将应用配置为多租户,并在所需的任何站点上进行测试.
This should let you proceed with configuring your app as multi-tenant and do your testing with whatever site you want.
这篇关于编辑清单以启用availableToOtherTenants后,Azure AD错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
