Azure/Azure-Lighthouse-samples

Register Managed Services RP Partner error AADSTS500113

jberry777 opened this issue · 2 comments

The issue:
Adding the registered app from step 1 to the customer tenants in step 2 fails due to no reply address.

What I tried:
I tried adding https://<functionName>.azurewebsites.net/.auth/login/aad/callback as the callback but this resulted in a different error, a 404 error.

I created a registered app to use as the service principal described in step 1.
Step 2 describes adding that registered app to the customer tenants using this pattern: https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id={client-id}.
Navigating to the built URL resulted in a failure to sign in and returned an AADSTS500113 error stating that there's no reply address registered for the application.

Since we're using the registered app for the service principal and it's not a real web application, what reply address should we use in the registered app?

This is referring to the Register Managed Services RP Partner directory in the repo.

In this case the error appears to be incidental. Using PowerShell is just as effective and does not throw an error.
https://docs.microsoft.com/en-us/answers/questions/883556/lighthouse-with-aad-registered-application-aadsts5.html?childToView=885116#answer-885116