Microsoft ADD-应用程序注册-请求中指定的回复URL与配置的回复URL不匹配 [英] Microsoft ADD - App registration - The reply url specified in the request does not match the reply urls configured

问题描述

我创建了一个Web应用程序，该应用程序正在使用Azure Active Directory身份验证.

I created a web application which is working with an Azure Active Directory authentification.

在localhost上一切正常，但是将应用程序发布到Azure时出现以下错误:

Everything works fine on localhost, but I'm getting the following error when I publish the application into Azure:

AADSTS50011:请求中指定的回复网址与回复为应用程序配置的URL:'656cc46c-f858-4a45-bf83-698791e052f1'.

AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application: '656cc46c-f858-4a45-bf83-698791e052f1'.

我尝试过的事情:

在Azure中，我将有问题的应用程序的Reply URL配置为:

In Azure, I configured the Reply URL of the application in question to be:

http://gp-rh.azurewebsites.net/signin-oidc

这是我的appsetting.json:

Here is my appsetting.json:

{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "legroupeti.com",
    "TenantId": "7c6ff5e2-0660-4b65-9b64-7a78df412819",
    "ClientId": "656cc46c-f858-4a45-bf83-698791e052f1",
    "CallbackPath": "/signin-oidc"
  },
  "Logging": {
    "IncludeScopes": false,
    "LogLevel": {
      "Default": "Warning"
    }
  }
}

在我的应用程序中，执行登录的控制器设置如下:

In my application, the controller that does the login is set like this:

[HttpGet]
public IActionResult SignIn() {
    var redirectUrl = Url.Action("Index", "Dashboard",
        new { date = DateTime.Now, anchor = "period" });
    return Challenge(
        new AuthenticationProperties { RedirectUri = redirectUrl },
        OpenIdConnectDefaults.AuthenticationScheme);
}

我的应用程序的默认页面是/，该页面会重定向到/Dashboard .

The default page for my application is / which redirect to /Dashboard.

我不知道哪里出了问题，但仍然无法正常工作.

I don't know where I went wrong, but it still does not work.

推荐答案

redirect_uri 必须完全匹配您注册的URI之一， ，包括方案( http://， https://).

The redirect_uri must match one of your registered URIs exactly, including the scheme (http://, https://).

通常，出于开发目的，您应该仅使用不安全的方案( http ).对于测试/阶段/生产，您应该始终使用安全连接( https ).在这种情况下，绝对没有理由不使用 https://gp-rh.azurewebsites.net/signin-oidc ，因为默认情况下 azurewebsites.net 支持HTTPS.

In general, you should only use an unsecured scheme (http) for development purposes. For test/stage/production, you should always use a secure connection (https). In this case, there is absolutely no reason to not use https://gp-rh.azurewebsites.net/signin-oidc since azurewebsites.net supports HTTPS by default.

这篇关于Microsoft ADD-应用程序注册-请求中指定的回复URL与配置的回复URL不匹配的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！