Custom Policy - The reply url specified in the request does not match the reply urls configured
Setting up a local test Blazor WASM hosted application .net 5 with AAD B2C, with custom policy to limit to specific tenant list.
appsetting client
"AzureAdB2C": {
//"Authority": "https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_TrustFrameworkExtensions",
"ClientId": "fxxxxxxxxxxxxxxxxxxxxxxxxf",
"ValidateAuthority": false,
}
appsetting server
"AzureAdB2C": {
"Instance": "https://AppItTTL.b2clogin.com/",
"ClientId": "exxxxxxxxxxxxxxxxxxxxxxxxxxe",
"Domain": "AppItTTL.onmicrosoft.com",
//"SignUpSignInPolicyId": "B2C_1A_TrustFrameworkExtensions"
}
Followed steps from
https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/hosted-with-azure-active-directory-b2c?view=aspnetcore-5.0
and
https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-azure-ad-b2c?pivots=b2c-custom-policy
App registration redirect URI is recommended as https://localhost:{PORT}/authentication/login-callback from the first article but the second recommends https://your-B2C-tenant-name.b2clogin.com/your-B2C-tenant-name.onmicrosoft.com/oauth2/authresp
If the authentication/login-callback is not present I get "The resource you are looking for has been removed, had its name changed, or is temporarily unavailable." in the url line you can see the redirect url its looking for is the localhost one.
If the localhost redirect url is present in the app registration then the login authentication goes through and then receives "The reply URL specified does not match..." I tried adding then the second https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/oauth2/authresp into the app reg but still receive same error as below
as
I then tried to use a normal userflow to test and added the OpenID Connect as per https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-azure-ad-single-tenant?pivots=b2c-user-flow but have the same issue.
Even if I try using https://jwt.ms as the redirect for testing it throughs up the same error that the reply URL does not match.