I resolved this myself by looking closer at what you posted, when specifying "redirect_uri" in Azure AD for OpenID Connect (OIDC).
The redirect_uri should be: https://cas.mydomain.com/cas/login/clientName where clientName is the property specified at "cas.authn.pac4j.oidc[0]. azure.clientName=" Thank you for posting this and your response, it helped me get this figured out. Best On Friday, December 20, 2019 at 10:57:23 AM UTC-7, BColly wrote: > > Hi bottlecheck, > After you set your cas.server.name and cas.server.prefix, what did you > end up setting as the "redirect_uri" in Azure AD configuration? > Thanks in advance for your help > > On Wednesday, May 1, 2019 at 8:13:43 AM UTC-6, bottlecheck wrote: >> >> Indeed it was something extremely basic, I had forgotten to set the CAS >> server name and prefix. Remember to set: >> >> cas.server.name=https://cas.mydomain.com >> cas.server.prefix=https://cas.mydomain.com/cas >> >> Thank you again for a great product! >> >> On Wednesday, May 1, 2019 at 5:16:21 PM UTC+5:30, bottlecheck wrote: >>> >>> Hello, >>> >>> Is anyone delegating CAS authentication to Azure AD? I am attempting to >>> delegate CAS authentication to Azure AD / OpenId Connect using the >>> pac4j-webflow support library. >>> >>> I cannot seem to find a parameter that allows me to specify the >>> redirect_uri. CAS redirects correctly to microsoftonline for >>> authentication, but microsoftonline will not redirect back to CAS due to >>> the following error: "The reply url specified in the request does not match >>> the reply urls configured for the application". The redirect_uri received >>> by microsoftonline is https://cas.example.org:8443/cas/login/cas >>> >>> I tried to specify it using customParams.redirectUri, but this did not >>> work. I cannot seem to find anything on the mailing list, so I'm probably >>> missing something really basic. >>> >>> Here is my config so far: >>> >>> cas.authn.pac4j.oidc[0].azure.id=xxxxxxxxxxxx >>> cas.authn.pac4j.oidc[0].azure.secret=xxxxxxxxxxx >>> cas.authn.pac4j.oidc[0].azure.clientName=cas >>> cas.authn.pac4j.oidc[0].azure.autoRedirect=true >>> cas.authn.pac4j.oidc[0].azure.tenant=xxxxxxxxxxx >>> cas.authn.pac4j.oidc[0].azure.scope=openid,email,profile >>> cas.authn.pac4j.oidc[0].azure.customParams.redirectUri= >>> https://app.mydomain.com >>> >>> Any help at all would be much appreciated! >>> >>> Thanks >>> >> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ed5e74cc-df76-4c37-90ca-28b47b38a50f%40apereo.org.
