
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application

Open CyberSauce opened this issue 4 years ago • 11 comments

Hi All,

I am using this plugin to try and work with WordPress; however, I am consistently getting the same error repeatedly, even when making the auth URL redirected and undirected and using Azure app registration. Is this a known issue or am I missing a configuration?

CyberSauce avatar Jun 11 '21 20:06 CyberSauce

This sounds like a misconfiguration of your Azure AD setup.

timnolte avatar Jun 11 '21 21:06 timnolte

I need to get my test site set back up and get back into my Azure AD to do some testing. Once I get back in I can provide some assistance on how your configuration should be set up for Azure AD.

timnolte avatar Jun 11 '21 21:06 timnolte

> This sounds like a misconfiguration of your Azure AD setup.

I set it up right, I believe. I used the app registration and the URL reply with the URL redirect shortened, so https://subdomain.site.com/shortened url. Also I have it so new users can sign up (we're doing Azure B2B). Anyways, I'd be happy to buy you some beers if we can get this set up.

CyberSauce avatar Jun 11 '21 23:06 CyberSauce

> I need to get my test site set back up and get back into my Azure AD to do some testing. Once I get back in I can provide some assistance on how your configuration should be set up for Azure AD.

Thanks. I've tried numerous times today to no avail. We are using the latest version of WordPress along with PHP. Again, I'd be happy to buy you some 🍺🍻.

CyberSauce avatar Jun 11 '21 23:06 CyberSauce

I'm facing a similar issue. I have enabled the Alternative URL: https://XXXXXXX.org/openid-connect-authorize and configured the same in Google Cloud. But the URL is still pointing to the default URL and I am getting a 400 error. Any suggestions?

The redirect URI in the request, https://XXXXXXX.org/wp-admin/admin-ajax.php?action=openid-connect-authorize, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/apis/credentials/oauthclient/

kash-raman avatar Jun 14 '21 15:06 kash-raman
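The mismatch reported in the error above can be checked offline. This added example (not part of the thread or of the plugin's code) extracts `redirect_uri` from an authorization request URL and reports which URL component differs from each registered URI. The host `example.org`, the `idp.example` endpoint, the client ID and state values, and the exact-string comparison are assumptions made for illustration.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

def redirect_uri_from_auth_url(auth_url):
    """Return the single redirect_uri carried by an authorization request URL."""
    values = parse_qs(urlsplit(auth_url).query).get("redirect_uri", [])
    if len(values) != 1:
        raise ValueError(f"expected exactly one redirect_uri, found {len(values)}")
    return values[0]

def explain_mismatch(sent, registered):
    """Name each URL component in which `sent` differs from `registered`."""
    a, b = urlsplit(sent), urlsplit(registered)
    return [
        f"{part}: sent {getattr(a, part)!r}, registered {getattr(b, part)!r}"
        for part in ("scheme", "netloc", "path", "query")
        if getattr(a, part) != getattr(b, part)
    ]

def check(auth_url, registered_uris):
    """Return (sent_uri, matched, {registered_uri: [differences]})."""
    sent = redirect_uri_from_auth_url(auth_url)
    if sent in registered_uris:  # assumption: the provider compares exact strings
        return sent, True, {}
    return sent, False, {r: explain_mismatch(sent, r) for r in registered_uris}

# Constructed sample data: example.org and idp.example are placeholders.
SENT = "https://example.org/wp-admin/admin-ajax.php?action=openid-connect-authorize"
REGISTERED = ["https://example.org/openid-connect-authorize"]
SAMPLE_AUTH_URL = "https://idp.example/authorize?" + urlencode({
    "response_type": "code",
    "client_id": "constructed-client-id",
    "scope": "openid",
    "redirect_uri": SENT,
    "state": "constructed-state",
})

if __name__ == "__main__":
    sent, matched, report = check(SAMPLE_AUTH_URL, REGISTERED)
    print("sent:", sent, "| matched:", matched)
    for registered, diffs in report.items():
        print("registered:", registered)
        for diff in diffs:
            print("  ", diff)
```

To use it on a real login attempt, copy the authorization URL from the browser's address bar or network log at the moment of the redirect and pass it with the list of URIs registered at the provider.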

> > This sounds like a misconfiguration of your Azure AD setup.

> I set it up right, I believe. I used the app registration and the URL reply with the URL redirect shortened, so https://subdomain.site.com/shortened url. Also I have it so new users can sign up (we're doing Azure B2B). Anyways, I'd be happy to buy you some beers if we can get this set up.

What do you mean by the "url redirect shortened"? Are you using the shortcode to get the authentication URL or a login button in a page on the frontend of your site?

timnolte avatar Jun 15 '21 13:06 timnolte

> > > This sounds like a misconfiguration of your Azure AD setup.

> > I set it up right, I believe. I used the app registration and the URL reply with the URL redirect shortened, so https://subdomain.site.com/shortened url. Also I have it so new users can sign up (we're doing Azure B2B). Anyways, I'd be happy to buy you some beers if we can get this set up.

> What do you mean by the "url redirect shortened"? Are you using the shortcode to get the authentication URL or a login button in a page on the frontend of your site?

https://domain.com/openid-connect-authorize, no button though.

CyberSauce avatar Jun 15 '21 13:06 CyberSauce

@CyberSauce OK, I'll need to do some testing with the Alternative Redirect URI option enabled and see if I can reproduce.

timnolte avatar Jun 16 '21 01:06 timnolte

I'm running into the same issue. Apache 2 Server version: Apache/2.4.52 (Ubuntu) Server built: 2022-03-25T00:35:40

I believe you need to add a redirect to Apache. Apache doesn't know where /openid-connect-authorize is.

Set up your dev server with Apache and the latest WP, and install the plugin. I'm using Active Directory Federation on Win Server 2019. I get a token back in return successfully, but Apache doesn't have anywhere to go when WordPress redirects. /openid-connect-authorize is 404; it's nowhere.

SolarisEclipse avatar Jun 20 '22 19:06 SolarisEclipse

This shouldn't require extra setup in Apache as it should be a WordPress permalinks setup. If your permalinks aren't set up right for your WordPress install with your web server then yes, you will have problems. Sometimes all you need to do is visit the WordPress permalinks settings page and re-save to ensure that the permalinks setup is taking effect.

timnolte avatar Jun 20 '22 20:06 timnolte

As it sounds like this may be an issue specific to using the Alternative Redirect URI setting, I'll need to take some time to test that more. I never use the Alternative Redirect URI setting myself as I haven't run into a need to use it with any of the IDPs I test with at this point.

timnolte avatar Jun 20 '22 20:06 timnolte