Hello @Kelvin Hoover,
Thank you for posting your query on Microsoft Q&A.
Based on your issue description, I understand that when the user is returned after authentication, it is redirected to 'https://{server}/signin-microsoft' which throws Microsoft.AspNetCore.Authentication.AuthenticationFailureException with 'AADSTS500112' error: 'The reply address 'http://{server}/signin-microsoft' does not match the reply address 'https://{server}/signin-microsoft' provided when requesting Authorization code.'
I am providing a detailed analysis of the error code AADSTS50011 below.
Cause:
This error occurs if the redirect URI (reply URL) configured in the application (code) and the Microsoft Entra app registration don't match.
When a user accesses the application for authentication, the application redirects the user to Microsoft Entra ID with a predefined redirect URI. Once the user is authorized successfully, Microsoft Entra ID verifies the following values:
- The redirect URI sent from the application
- The redirect URI values in the registered application in Microsoft Entra ID
If the redirect URI the application sent doesn't match any of the redirect URIs in Microsoft Entra ID, error AADSTS50011 will be returned. If the values match, Microsoft Entra ID sends the user to the redirect URI.
Resolution:
To fix the issue, please follow these steps to add a redirect URI in Microsoft Entra app registration.
- Copy the application ID from the error message.
- Go to the Azure portal. Make sure you sign in to the portal by using an account that has permissions to update Microsoft Entra Application registration.
- Navigate to Microsoft Entra ID, select App registrations, locate the application registration by using the application ID, and then open the app registration page.
- On the app registration page, select Authentication. In the Platform configurations section, select Add URI to add the redirect URI displayed in the error message to Microsoft Entra ID.
- Save the changes and wait three to five minutes for the changes to take effect, and then send the login request again. You should now be able to sign in to the application. If you don't see the Microsoft Entra login page, try clearing the password cache from your browser or use InPrivate browsing.
Note:
1. Redirect URIs are also referred to as Reply URLs.
2. If the redirect URI sent from the application isn't the desired one, you should update your application code or configuration.
For additional details about the error code AADSTS50011, please refer to the below document for your reference.
Additionally, based on the above-mentioned error, I can see that the Reply URL is configured as http://{server}/signin-microsoft.
Please note that the Reply URLs or Redirect URIs must begin with the scheme https, with exceptions for some localhost redirect URIs.
Please refer to the below document for your reference.
I hope the information provided above is helpful. Please feel free to reach out if you have any further questions.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Thanks and Regards,
Sanoop Mohan
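
Added example (not part of the answer above and not Microsoft code): a small Python check that compares the redirect URI an application sent against the URIs in its app registration and reports which component differs, plus the https rule the answer mentions. It assumes matching is an exact string comparison and that the localhost exception covers `localhost` and `127.0.0.1`; the host `app.example.test` and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: hosts covered by the localhost exception to the https rule.
LOOPBACK_HOSTS = {"localhost", "127.0.0.1"}


def scheme_allowed(uri):
    """https is always accepted; http only for loopback hosts."""
    parts = urlsplit(uri)
    if parts.scheme == "https":
        return True
    return parts.scheme == "http" and parts.hostname in LOOPBACK_HOSTS


def diagnose(sent, registered):
    """Return (matched, findings) for the redirect URI the application sent."""
    findings = []
    if not scheme_allowed(sent):
        findings.append(f"sent URI does not use https: {sent}")
    if sent in registered:  # assumption: matching is an exact string comparison
        return True, findings
    s = urlsplit(sent)
    for reg in registered:
        r = urlsplit(reg)
        diffs = []
        if s.scheme != r.scheme:
            diffs.append(f"scheme {s.scheme!r} vs {r.scheme!r}")
        if (s.hostname, s.port) != (r.hostname, r.port):
            diffs.append(f"host {s.netloc!r} vs {r.netloc!r}")
        if s.path != r.path:
            if s.path.rstrip("/") == r.path.rstrip("/"):
                diffs.append("trailing slash")
            elif s.path.lower() == r.path.lower():
                diffs.append("path letter case")
            else:
                diffs.append(f"path {s.path!r} vs {r.path!r}")
        fallback = ["letter case, query or fragment"]
        findings.append(f"{reg}: differs in " + ", ".join(diffs or fallback))
    return False, findings


if __name__ == "__main__":
    # Constructed sample values; app.example.test is a placeholder host.
    registered = ["https://app.example.test/signin-microsoft"]
    matched, findings = diagnose("http://app.example.test/signin-microsoft", registered)
    print("match" if matched else "redirect URI mismatch")
    for line in findings:
        print(" -", line)
```

Run it with the redirect URI shown in the error message and the list copied from the Authentication page of the app registration.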