Hi @Eagle3386
Thank you for posting your query on Microsoft Q&A.
I understand that when you are using https://login.example.tld/example.tld/oauth2/v2.0/authorize?client_id=…
the login page shows up. But when you are using https://login.example.tld/<our tenant ID>/oauth2/v2.0/authorize?client_id=… you are encountering "AADSTS500210: Domain name does not match with the tenant identifier" error.
You are trying to make the URL with a GUID instead of the tenant's domain work. You can replace your external tenant's name in the URL with your tenant ID GUID to remove all references to “onmicrosoft.com” in the URL. You can find your tenant ID GUID in the Overview page in the Azure portal or the Microsoft Entra admin center.
For example, change https://account.contosobank.co.uk/contosobank.onmicrosoft.com/
to https://account.contosobank.co.uk/<tenant-ID-GUID>/
If you choose to use tenant ID instead of tenant name, be sure to update the identity provider OAuth redirect URIs accordingly. When you use your tenant ID instead of tenant name, a valid OAuth redirect URI looks similar to the following sample:
https://login.contoso.com/00001111-aaaa-2222-bbbb-3333cccc4444/oauth2/authresp
Make sure you also set up your custom URL domain on Azure Front Door by creating a CNAME DNS record, associating the custom URL domain with your Front Door, and enabling the route.
You can also try the Azure Front Door advanced configuration.
Follow the document for more information: https://learn.microsoft.com/en-us/entra/external-id/customers/how-to-custom-url-domain?source=recommendations
Hope this helps. Do let us know if you have any further queries.
If this answers your query, do click `Accept Answer` and `Yes`.
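The following is an added example, not part of the original answer and not Microsoft code: a Python check for the redirect-URI update the answer describes, flagging identity provider redirect URIs that still carry the tenant name instead of the tenant ID GUID. It assumes the `/<tenant>/oauth2/authresp` shape shown in the answer; the function name `audit_redirect_uri` and the sample URI list are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit

GUID_RE = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")


def audit_redirect_uri(uri, tenant_id, custom_host):
    """Classify one OAuth redirect URI (hypothetical helper).

    Returns (status, corrected_uri) where status is:
      'ok'      - custom host and tenant ID GUID already in place
      'rewrite' - right shape, but tenant name / other tenant / other host
      'invalid' - not an https URI of the form /<tenant>/oauth2/authresp
    """
    if not GUID_RE.match(tenant_id):
        raise ValueError("tenant_id must be a GUID")
    parts = urlsplit(uri)
    segments = [s for s in parts.path.split("/") if s]
    # Shape taken from the sample in the answer: /<tenant>/oauth2/authresp
    if (parts.scheme != "https" or len(segments) != 3
            or segments[1:] != ["oauth2", "authresp"]):
        return "invalid", None
    corrected = urlunsplit(
        ("https", custom_host, f"/{tenant_id.lower()}/oauth2/authresp", "", ""))
    host_ok = (parts.hostname or "").lower() == custom_host.lower()
    tenant_ok = segments[0].lower() == tenant_id.lower()
    if host_ok and tenant_ok and not parts.query and not parts.fragment:
        return "ok", uri
    return "rewrite", corrected


if __name__ == "__main__":
    # Tenant ID and host are the sample values from the answer;
    # the URI list itself is constructed for this example.
    TENANT = "00001111-aaaa-2222-bbbb-3333cccc4444"
    HOST = "login.contoso.com"
    configured = [
        "https://login.contoso.com/contoso.onmicrosoft.com/oauth2/authresp",
        "https://login.contoso.com/00001111-aaaa-2222-bbbb-3333cccc4444/oauth2/authresp",
        "http://login.contoso.com/00001111-aaaa-2222-bbbb-3333cccc4444/oauth2/authresp",
    ]
    for uri in configured:
        status, fixed = audit_redirect_uri(uri, TENANT, HOST)
        print(f"{status:8} {uri}" + (f"\n         -> {fixed}" if status == "rewrite" else ""))
```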