  1. Single Sign On
  2. MGNLSSO-64

SSO Module appends ?client_name=OidcClient to callbackURL, preventing integration with Azure B2C


    • Bug
    • Resolution: Duplicate
    • High
    • None
    • 1.1.1
    • sso-connector
    • None
    • Azure Linux VM (debian 10, Tomcat 9), Magnolia DX Core 6.2.9

      Steps to reproduce

      1. Create and configure an Azure AD B2C tenant
      2. Configure a Magnolia deployment as per https://docs.magnolia-cms.com/product-docs/6.2/Modules/List-of-modules/SSO-module.html to connect to the B2C tenant
      3. Attempt to access Magnolia

      Expected results

      Redirects to Azure AD B2C login page

      Actual results

      Azure AD B2C reports that the redirect URI supplied in the request does not match any allowed for the client. Azure AD B2C also does not allow query strings to be added to the allowed redirect URIs.

      Workaround

      Rewrite rule applied in Azure App Gateway to remove the problematic query string value

      Development notes

        Acceptance criteria

              Unassigned Unassigned
              lsalter Lee Salter
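The mismatch reported above can be confirmed from a captured authorization request. The following is an added diagnostic example, not part of the original issue or of Magnolia's code: it extracts `redirect_uri` from the request and compares it, by exact string match, with the URIs registered for the client. The tenant name, policy name, client id, host and callback path are constructed sample values.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qs, parse_qsl, urlencode


def extract_redirect_uri(authorize_url):
    """Return the decoded redirect_uri parameter of an OIDC authorization request."""
    values = parse_qs(urlsplit(authorize_url).query).get("redirect_uri", [])
    if len(values) != 1:
        raise ValueError("expected exactly one redirect_uri parameter")
    return values[0]


def diagnose(authorize_url, registered_uris):
    """Compare the requested redirect_uri with the registered ones.

    exact_match is what the identity provider enforces; matches_without_query
    and extra_query show whether an appended query string is the only difference.
    """
    sent = extract_redirect_uri(authorize_url)
    parts = urlsplit(sent)
    bare = urlunsplit((parts.scheme, parts.netloc, parts.path, "", ""))
    return {
        "redirect_uri": sent,
        "exact_match": sent in registered_uris,
        "matches_without_query": bare in registered_uris,
        "extra_query": parse_qsl(parts.query, keep_blank_values=True),
    }


# Constructed sample data (hypothetical tenant, policy, client id and host).
REGISTERED = ["https://magnolia.example.com/.auth"]
AUTHORIZE = ("https://contoso.b2clogin.com/contoso.onmicrosoft.com/"
             "B2C_1_signin/oauth2/v2.0/authorize?")


def build_request(redirect_uri):
    """Build a sample authorization request URL around a given redirect_uri."""
    return AUTHORIZE + urlencode({
        "client_id": "00000000-0000-0000-0000-000000000000",
        "response_type": "code",
        "scope": "openid",
        "redirect_uri": redirect_uri,
    })


if __name__ == "__main__":
    broken = build_request("https://magnolia.example.com/.auth?client_name=OidcClient")
    print(diagnose(broken, REGISTERED))
```

When `exact_match` is false but `matches_without_query` is true, the parameters in `extra_query` are the ones a rewrite rule such as the workaround above has to remove.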