Microsoft account is experiencing technical problems. Please try again later.

[brian-ding]

I followed the instruction here (https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-how-to-configure-microsoft-authentication/)
and also check with (http://www.benday.com/2016/05/14/walkthrough-asp-net-core-1-0-mvc-identity-with-microsoft-account-authentication/)

once i try to login into my website deployed on azure, i will encounter this problem. the webpage shows:Microsoft account is experiencing technical problems. Please try again later. and the url in address bar is ( https://login.live.com/err.srf?lc=2052#error=invalid_request&error_description=The+provided+value+for+the+input+parameter+'redirect_uri'+is+not+valid.+The+expected+value+is+'https://login.live.com/oauth20_desktop.srf'+or+a+URL+which+matches+the+redirect+URI+registered+for+this+client+application.&state=CfDJ8OlAOtTgBn5ChZ5FBExPE_pziixUjKeexTOwUBTZcUYmFuyYMtI6RpMow66g7fhxUmk0DLg0VqavZXKJ7xUAPt3bfIgoEkmEOQPm3iE-jH0vAcNpURygrzBZnIpuIvWTaIBu5NHbeUmNj_IiAGrMJdKzRx0dDf6TxqUxt1MLfvHfFAaAac3YAPyMUgnnHjICvRF_IGp9R-MJBkM75gyzILSaP7nDYDaK3hsZQQY_YNP2uEFJWBb4SmTkiCiBMLQDOFbIBGNNwRBr2aQ8CiWefWAJrq_Nb31MRhEvdnw3IPEA7UF1-jlJmfJCB_jAhH68iyPkyWGdGVywpmouPxv5NGc)

I searched everywhere online, including stackoverflow, but none of them can solve my problem. any ideas?

[Tratcher]

Go to https://apps.dev.microsoft.com/#/appList and check the Redirect Uris registered for your application. You should have one like this for local testing: https://localhost:44318/signin-microsoft

[brian-ding]

@Tratcher Thanks for you answer, but i have tried this "/signin-microsoft" , just like my second reference link says, not working though.

i am wondering, since the url of error page says "error_description = the provided value for the input parameter 'redirect_url" is not valid. the expected value is 'https://login.live.com/oauth20_desktop.srf' or a URL which matches the redirect URI registedred for this client application, should i somehomw register this redirect url, like 'https://mywebiste.azurewebsites.net/signin-microsoft' in the code?

[Tratcher]

I think you're running into this:
aspnet/IISIntegration#140 (comment)

[brian-ding]

@Tratcher i tried again with redirect url http://{domain}/sign-microsoft. it works locally with http://localhost:500, but once i deploy to azure, it failed with a different error.
which says:
Error.
An error occurred while processing your request.
Development Mode
Swapping to Development environment will display more detailed information about the error that occurred.

Development environment should not be enabled in deployed applications, as it can result in sensitive information from exceptions being displayed to end users. For local debugging, development environment can be enabled by setting the ASPNETCORE_ENVIRONMENT environment variable to Development, and restarting the application.

[brian-ding]

@Tratcher Ok, i debug into the process, and it shows
error_description":"AADSTS90019: No tenant-identifying information found in either the request or implied by any provided credentials. Any comments please?

[Eilon]

Can you confirm that you have a redirect URI set up properly in the Microsoft Account configuration?

Or this might be an issue related to switching between HTTP and HTTPS, in which case try using the temporary workaround mentioned here: aspnet/IISIntegration#140 (comment).

[brian-ding]

@Eilon you mean adding these code in ConfigureServices? Still not able to login with @outlook.com microsoft account

[Tratcher]

Possibly related: #866 (comment)

[ghost]

Microsoft account is experiencing technical problems

I had exactly the same problem when I forgot add /signin-microsoft in registred URL on my app settings... but after that everything works well.

However I'm using only localhost in development and my own server/domain in production - I have no test this on Azure.


@brian-ding wrote:

i tried again with redirect url http://{domain}/sign-microsoft

maybe problem is with http - as far I know it should be https ?

About your exception - I had very similar exception when I use old MS App... Creating new app on https://apps.dev.microsoft.com following https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-app-registration/ is/was solution in my case.

[brian-ding]

@lukaszdev thank you for your reply, I believe the reason is as Tratcher replied, but I have no idea how to make my web redirect to https:// when users log in, is there any chance that you may know how to do that?

thank you

[Tratcher]

@brian-ding did you apply this Azure workaround? aspnet/IISIntegration#140 (comment)

[ghost]

The first, please follow the instructions form @Tratcher.

However answering your question... It's depend.

If you want set up https for all site you can enforcing SSL in your Startup.cs file:

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<MvcOptions>(options =>
    {
       options.Filters.Add(new RequireHttpsAttribute());
    });
}

Of course you need to have domain + SSL certificate.

Then just change website address from http to https - you can do this directly in App settings on Azure portal or in deploy configuration (if you are deploying form VS).

It works well for me on RC1 but - like I said - I don't use Azure now, so I can't confirm if this still working with RC2.

For local use Visual Studio will create temporary SSL certificate for your local IIS, when you configure project to run with SSL.

Here is example from my MVC Core RC2 project (this is configuration in properties tab):

Also I'm not sure how to set `https` / `ssl` only for external authentication purpose and not for all site - I have never try that way ;)