Microsoft ADD-应用程序注册-请求中指定的回复URL与配置的回复URL不匹配 [英] Microsoft ADD - App registration - The reply url specified in the request does not match the reply urls configured
问题描述
我创建了一个Web应用程序,该应用程序正在使用Azure Active Directory身份验证.
I created a web application which is working with an Azure Active Directory authentification.
在localhost上一切正常,但是将应用程序发布到Azure时出现以下错误:
Everything works fine on localhost, but I'm getting the following error when I publish the application into Azure:
AADSTS50011:请求中指定的回复网址与回复为应用程序配置的URL:'656cc46c-f858-4a45-bf83-698791e052f1'.
AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application: '656cc46c-f858-4a45-bf83-698791e052f1'.
我尝试过的事情:
在Azure中,我将有问题的应用程序的Reply URL配置为:
In Azure, I configured the Reply URL of the application in question to be:
http://gp-rh.azurewebsites.net/signin-oidc
这是我的appsetting.json:
Here is my appsetting.json:
{
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "legroupeti.com",
"TenantId": "7c6ff5e2-0660-4b65-9b64-7a78df412819",
"ClientId": "656cc46c-f858-4a45-bf83-698791e052f1",
"CallbackPath": "/signin-oidc"
},
"Logging": {
"IncludeScopes": false,
"LogLevel": {
"Default": "Warning"
}
}
}
在我的应用程序中,执行登录的控制器设置如下:
In my application, the controller that does the login is set like this:
[HttpGet]
public IActionResult SignIn() {
var redirectUrl = Url.Action("Index", "Dashboard",
new { date = DateTime.Now, anchor = "period" });
return Challenge(
new AuthenticationProperties { RedirectUri = redirectUrl },
OpenIdConnectDefaults.AuthenticationScheme);
}
我的应用程序的默认页面是/
,该页面会重定向到/Dashboard
.
The default page for my application is /
which redirect to /Dashboard
.
我不知道哪里出了问题,但仍然无法正常工作.
I don't know where I went wrong, but it still does not work.
推荐答案
redirect_uri
必须完全匹配您注册的URI之一, ,包括方案( http://
, https://
).
The redirect_uri
must match one of your registered URIs exactly, including the scheme (http://
, https://
).
通常,出于开发目的,您应该仅使用不安全的方案( http
).对于测试/阶段/生产,您应该始终使用安全连接( https
).在这种情况下,绝对没有理由不使用 https://gp-rh.azurewebsites.net/signin-oidc
,因为默认情况下 azurewebsites.net
支持HTTPS.
In general, you should only use an unsecured scheme (http
) for development purposes. For test/stage/production, you should always use a secure connection (https
). In this case, there is absolutely no reason to not use https://gp-rh.azurewebsites.net/signin-oidc
since azurewebsites.net
supports HTTPS by default.
这篇关于Microsoft ADD-应用程序注册-请求中指定的回复URL与配置的回复URL不匹配的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!