Azure AD Authentication Setup with Spring Boot Web App - AADSTS50011

Question

I followed the official configure-spring-boot-starter-java-app-with-azure-active-directory tutorial but I can't seem to get it to work. I've confirmed the redirect url is exactly as written with the same security controller.

Here is my request headers:

HTTP/1.1 302 
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Location: https://login.microsoftonline.com/07d020b6-d78f-40cb-b6c7-98eab8c29a94/oauth2/v2.0/authorize?response_type=code&client_id=8ff48ac1-1ddf-479d-ac5a-5db407c70c50&scope=openid%20profile%20https://graph.microsoft.com/User.Read%20https://graph.microsoft.com/Directory.Read.All&state=aUtWlcsG6Oc6NnYxA8z7E339CVlfodi7kBs5HiNIx8M%3D&redirect_uri=http://localhost:8080/login/oauth2/code/&nonce=xhjQJa-IVP_9kXFKsDX_oNrLprt4HnqDzUgyYqrjyBA
Content-Length: 0
Date: Fri, 16 Apr 2021 17:31:11 GMT
Keep-Alive: timeout=60
Connection: keep-alive

Note that the location contains my RedirectURI: http://localhost:8080/login/oauth2/code/azure

I've also reviewed other issues, and it feels close but, as mentioned, the tutorial what was provided -- so it should work.

Please let me know if you need any other information.

Request Id: a6cb6d0d-9a3a-4bd3-a2b7-c16c053c7b01 Correlation Id: 9f74d074-df2c-4a73-8c79-31aa7442a427 Timestamp: 2021-04-16T16:54:36Z Message: AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '8ff48ac1-1ddf-479d-ac5a-5db407c70c50'.

Answer 1

You actually sent

http://localhost:8080/login/oauth2/code/

as redirect_uri in logon request. But app was likely defined with following redirect_uri.

http://localhost:8080/login/oauth2/code/azure

They don't match. Hence the error.