本文介绍了AADSTS50011:请求中指定的回复 url 与为应用程序配置的回复 url 不匹配:'<AppId>'的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个 .NET Core 2 应用模板,该模板配置为使用开箱即用的 Azure AD.

配置是:

{蔚蓝广告":{"实例": "https://login.microsoftonline.com/",域":lautararinolive.onmicrosoft.com","TenantId": "67cb2dfd-ebd5-40d8-829b-378340981a17","ClientId": "50819a7a-e018-4c1d-bf0a-18c8fce5c600",回调路径":/signin-oidc"},记录":{包含范围":错误,日志级别":{默认":警告"}}}

在我的门户中,我有一个与 ClientId 具有相同 ID 的 Azure 应用注册.它有回复 URL [APP-URL]/signin-oidc.

本地主机应用程序在我将回复 URL 设置为 [LocalhostURL]/signin-oidc 时才有效,即使我已经了解到配置不应该影响日志在本地主机上.

Azure 应用在任何情况下都不起作用.

在这两个应用程序中,当它不起作用时,我收到此错误:

AADSTS50011:请求中指定的回复 url 与为应用程序配置的回复 url:'50819a7a-e018-4c1d-bf0a-18c8fce5c600'

  1. localhost 应用不需要配置回复 URL 是否正确?

  2. 为什么会出现未配置回复网址"错误?

解决方案

可以参考此示例 重新构建您的 .NET 核心应用程序并发布到 Azure.

有一些注意事项需要注意:

  1. 您需要将端口从 5000 更改为有效端口.目前应该是 61659.因此,当您在 localhost 中进行测试时,您可以在 AAD 应用程序中使用 http://localhost:61659/signin-oidc

  2. 如果您将应用程序配置为生产使用,或者如果您将应用程序发布到 Azure Web 应用程序,则更新这些 URL,您应该将应用程序配置文件和 AAD 应用程序中的回复 URL 更改为 <AppURL>/signin-oidc

例如,https://www.contoso.com/signin-oidchttps://Myapp.azurewebsites.net/signout-oidc..p>

I have a .NET Core 2 app template that is configured to use Azure AD out of the box.

The configuration is:

{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "lautaroarinolive.onmicrosoft.com",
    "TenantId": "67cb2dfd-ebd5-40d8-829b-378340981a17",
    "ClientId": "50819a7a-e018-4c1d-bf0a-18c8fce5c600",
    "CallbackPath": "/signin-oidc"
  },
  "Logging": {
    "IncludeScopes": false,
    "LogLevel": {
      "Default": "Warning"
    }
  }
}

In my portal, I have an Azure app registration with the same id as ClientId. It has the reply URL [APP-URL]/signin-oidc.

The localhost app works only if I set the reply URL to [LocalhostURL]/signin-oidc, even though I've learned that the configuration should not affect log in on localhost.

The Azure app does not work in any case.

In both apps when it doesn't work I get this error:

  1. Is it correct that a localhost app should not need a configured reply URL?

  2. Why do I get the "reply url not configured" error?

解决方案

You can refer to this Sample to rebuild your .NET core App and publish to the Azure.

There are some NOTES you need to pay attention to :

  1. you need to change the port from 5000 to the effective one. Currently, it should be 61659. So, when you do a test in your localhost, you can set the reply URL in the AAD App with http://localhost:61659/signin-oidc

  2. Update these URLs if you configure the app for production use or If you publish the App to Azure Web App, you should change the Reply URL in both App config file and AAD Application to be <AppURL>/signin-oidc

For example, https://www.contoso.com/signin-oidc or https://Myapp.azurewebsites.net/signout-oidc.

这篇关于AADSTS50011:请求中指定的回复 url 与为应用程序配置的回复 url 不匹配:'&lt;AppId&gt;'的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-13 09:35