  1. Single Sign On
  2. MGNLSSO-64

SSO Module appends ?client_name=OidcClient to callbackURL, preventing integration with Azure B2C

Details

    • Bug
    • Resolution: Duplicate
    • High
    • None
    • 1.1.1
    • sso-connector
    • None
    • Azure Linux VM (debian 10, Tomcat 9), Magnolia DX Core 6.2.9

    Description

      Steps to reproduce

      1. Create and configure an Azure AD B2C tenant
      2. Configure a Magnolia deployment as per https://docs.magnolia-cms.com/product-docs/6.2/Modules/List-of-modules/SSO-module.html to connect to the B2C tenant
      3. Attempt to access Magnolia

      Expected results

      Redirects to Azure AD B2C login page

      Actual results

      Azure AD B2C reports that the redirect URI supplied in the request does not match any allowed for the client. Azure AD B2C also does not allow query strings to be added to the allowed redirect URIs.

      Workaround

      Rewrite rule applied in Azure App Gateway to remove the problematic query string value

              People

                Unassigned Unassigned
                lsalter Lee Salter
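
The mismatch described in this ticket can be confirmed from a captured authorization request. The following is an added example, not code from the ticket or from the SSO module: it extracts `redirect_uri`, compares it exactly against the registered redirect URIs, and models removal of `client_name` from that value. Host names, the callback path, the client id and the function names are constructed placeholders, and where the gateway rule actually applies is an assumption, since the ticket does not say.

```python
from urllib.parse import parse_qs, parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed sample values: host names, tenant, policy and client id are placeholders.
REGISTERED = ["https://magnolia.example.com/callback"]
AUTHZ_REQUEST = (
    "https://login.example.com/tenant/policy/oauth2/v2.0/authorize"
    "?client_id=00000000-0000-0000-0000-000000000000&response_type=code&scope=openid"
    "&redirect_uri=https%3A%2F%2Fmagnolia.example.com%2Fcallback%3Fclient_name%3DOidcClient"
)


def check_redirect_uri(authz_url, registered):
    """Return (redirect_uri sent, exact match?, query params that break the match)."""
    sent = parse_qs(urlsplit(authz_url).query)["redirect_uri"][0]
    parts = urlsplit(sent)
    bare = urlunsplit((parts.scheme, parts.netloc, parts.path, "", ""))
    # Only blame the query string when the URI without it is a registered one.
    extra = parse_qsl(parts.query) if bare in registered else []
    return sent, sent in registered, extra


def strip_callback_param(authz_url, name="client_name"):
    """Assumed model of the workaround: drop `name` from redirect_uri's query."""
    outer = urlsplit(authz_url)
    pairs = []
    for key, value in parse_qsl(outer.query):
        if key == "redirect_uri":
            inner = urlsplit(value)
            kept = [(k, v) for k, v in parse_qsl(inner.query) if k != name]
            value = urlunsplit(inner._replace(query=urlencode(kept)))
        pairs.append((key, value))
    return urlunsplit(outer._replace(query=urlencode(pairs)))


if __name__ == "__main__":
    for label, url in (("as sent", AUTHZ_REQUEST),
                       ("rewritten", strip_callback_param(AUTHZ_REQUEST))):
        sent, ok, extra = check_redirect_uri(url, REGISTERED)
        print(f"{label}: redirect_uri={sent} match={ok} extra={extra}")
```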