azure-sdk-for-net icon indicating copy to clipboard operation
azure-sdk-for-net copied to clipboard

Published 20 hours ago verified publisher icon Azure

InteractiveBrowserCredential raises exception if https://localhost is configured as redirect uri

Open Trivedi-Ashish opened this issue 2 years ago • 6 comments

I have a .NET core 3.1 application, which uses Interactive Authentication flow from Azure.Identity SDK to get an access token. I am getting below exception if I configure https://localhost as redirect uri.

Unhandled exception. Azure.Identity.AuthenticationFailedException: InteractiveBrowserCredential authentication failed: Only http uri scheme is supported, but https was found. Configure http://localhost or http://localhost:port both during app registration and when you create the PublicClientApplication object. See https://aka.ms/msal-net-os-browser for details ---> MSAL.NetCore.4.46.0.0.MsalClientException: ErrorCode: loopback_redirect_uri

So, it does not support https uri scheme but Azure/Microsoft recommends secure https uri scheme for configuring redirect uri. https://learn.microsoft.com/en-us/azure/active-directory/develop/reply-url I do not understand this probable contradiction.

Testing Platform: Windows 11 OS Application targets .NET Core 3.1 Azure.Identity SDK: 1.8.0 Code snippet used:

      var options = new InteractiveBrowserCredentialOptions
      {
        ClientId = "<ClientId>",
        TenantId = "<TenantId>",
        RedirectUri = new Uri("https://localhost")
      };

      var tokenRequestContext = new TokenRequestContext(new[] { "<scope>" });
      string token = new InteractiveBrowserCredential(options).GetToken(tokenRequestContext).Token;

Trivedi-Ashish avatar Dec 15 '22 12:12 Trivedi-Ashish

//cc: @christothes

jsquire avatar Dec 15 '22 14:12 jsquire

Thank you for your feedback. Tagging and routing to the team member best able to assist.

jsquire avatar Dec 15 '22 14:12 jsquire

Hi @Trivedi-Ashish - This error comes from MSAL. Would you mind opening up an issue there for this?

christothes avatar Dec 15 '22 22:12 christothes

Hi, we're sending this friendly reminder because we haven't heard back from you in 7 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you!

ghost avatar Dec 23 '22 02:12 ghost

Is it possible to route this current issue to MSAL team?

Trivedi-Ashish avatar Jan 06 '23 16:01 Trivedi-Ashish

Is it possible to route this current issue to MSAL team?

Unfortunately, it is not. Because the repositories are under different GitHub organizations, a direct issue transfer is not possible. Your best bet for doing so would be to copy the body of this issue to a new one.

jsquire avatar Jan 06 '23 16:01 jsquire

Hi, we're sending this friendly reminder because we haven't heard back from you in 7 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you!

ghost avatar Jan 13 '23 20:01 ghost