question

LOOSAymric-3124 avatar image
0 Votes"
LOOSAymric-3124 asked rameexahmedkhan-5021 commented

Redirect URL in Android app

Hello everyone !

I am currently developing an android app requiring the power of Microsoft authentication and its API Graph. The objective is to offer users the possibility to find friends into the same tenant (i.e University) by using Graph.

However, there is something I didn't actually understand about redirect URLs we have to add on Azure App registration. My colleagues cannot make request using my URL specified into the JSON provided by Azure:

{
"client_id" : "a506XXXX",
"authorization_user_agent" : "BROWSER",
"redirect_uri" : "msauth://com.example.myfirstapp/OizXXXXXXXXX",
"broker_redirect_uri_registered" : true,
"account_mode" : "SINGLE",
"authorities" : [
{
"type": "AAD",
"audience": {
"type": "AzureADMyOrg",
"tenant_id": "XXXXX"
}
}
]
}

Do all developers have to specify a different redirect URL based on their project signature ? It seems to be weird because once the app in production launched, there will be only one redirect URL ...

Many thanks for your help

azure-ad-app-registrationazure-ad-authentication-protocolsmicrosoft-graph-explorerazure-ad-app-development
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

LOOSAymric-3124 avatar image
0 Votes"
LOOSAymric-3124 answered rameexahmedkhan-5021 commented

Let us explain the problem properly. There are in fact two different hashes when registering an app on Azure portail.

  • One is used for developing the app and all developers have to specify their own signature because their environment differ.

  • One is used for releasing your app in production. This kind of hash is unique and all developers can use the same hash.

In case of an Android app, Android studio will compute a debug key which is not what we want when releasing in production mode. The portion of code provided above computes a debug hash which is in fact linked with the development hash signature called by Microsoft.

below a screenshot of the panel displayed on the Azure portail where you can find these two hashes:

98457-captureazureconfigurationwithfocus.png

To conclude, be careful of what you want and what Microsoft provides.



· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I cannot register my Android app I entered signature hash but it returns this error : Failed to update FolderLock application. Error detail: One or more of your reply urls is not valid. [LP9ejF55CYdJRDnIXcN8pG]
BUT when I change the package name it makes the redirect URI ! What is wrong here ? Kindly please guide as there are no clear instructions for the redirect URI for Android app and can't waste my time anymore because I have tons of other which I have to do after the sign in !

0 Votes 0 ·
SaurabhSharma-msft avatar image
1 Vote"
SaurabhSharma-msft answered SaurabhSharma-msft commented

Hi @loosaymric-3124,

Thanks for using Microsoft Q&A !!

Redirect uri is associated with your application and not for each individuals so if your other developers are creating different apps then they need to use different redirect URI's as they have different application registrations. If they are trying to working on the same application URI needs to be the same. Can you please provide more details how your colleagues are trying to using your redirect_uri and what is the error they are getting ?
Please refer to Quickstart: Sign in users and call the Microsoft Graph API from an Android app for code sample. Also, please refer to Android Microsoft Authentication Library configuration file for additional details.

Thanks
Saurabh

· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @loosaymric-3124,

Please let me know if you have any questions. Also, please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.


Thanks
Saurabh

0 Votes 0 ·

Sorry @SaurabhSharma-msft I didn't succeed to aswer your question.

To make things clearer, here is the error my colleagues get (or me when using a new PC):
com.microsoft.identity.client.exception.MsalClientException: The redirect URI in the configuration file doesn't match with the one generated with package name and signature hash. Please verify the uri in the config file and your app registration in Azure portal

In fact, if my colleagues clone the repo and run the project, it will fail and they obtain the previous error. They have to generate a new hash signature computed for their project (even if they are exactly the same) and put in into the app registration config portail. Then, they need to modify their JSON config file with the redirect uri obtained by Azure portail.

0 Votes 0 ·

@loosaymric-3124 You may be getting this error when you used your own key/keystore when setting up the app registration, since the app will use the debug one when running locally. Please refer to this GitHub Issue which talks about similar issue. Also, refer to Register your application page to validate the android registration steps. Please let me know if you still face this error.

Thanks
Saurabh


1 Vote 1 ·
Show more comments