Microsoft Azure OAuth2 Redirect URI Notes

Here are some notes regarding OAuth2 Redirect URIs for Microsoft Azure AD apps.

See https://learn.microsoft.com/en-us/azure/active-directory/develop/reply-url

A few important points:

  • You can add http://127.0.0.1, and it is preferred over http://localhost because misconfigured firewalls, hosts files and the like can cause problems with localhost. 127.0.0.1 is the loopback address, and localhost is just a name that is translated into 127.0.0.1. The only pitfall is that you have to add it as https://127.0.0.1 and then change it to http:// in the manifest file.
  • You don’t have to add a port number to the redirect URL; in fact, doing so is discouraged.
  • The section “Redirect URI (reply URL) restrictions and limitations” describes that the server chooses a port and then redirects to it, so the port can come from a random range. For example:

    ckOAuth2.put_ListenPort (12345);
    ckOAuth2.put_ListenPortRangeEnd (23456);

    This is possible because Azure AD ignores the port part of the address. It is also recommended NOT to add multiple ports, just the basic URL such as http://localhost or http://127.0.0.1.
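
The listener side of the points above, as an added example (not Chilkat's code and not part of the original notes): it listens on 127.0.0.1 only, takes the first free port in a range, and checks that the redirect URI it sends still matches the port-less registered one. The function names and the simplified port-stripping comparison are assumptions that model the matching these notes describe.

```cpp
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>
#include <cstdint>
#include <string>

// Hypothetical helper (not a Chilkat API): listen on 127.0.0.1 only, on the
// first free port in [portStart, portEnd]. Returns the socket fd, or -1.
int listenLoopbackInRange(int portStart, int portEnd, int &chosenPort) {
    for (int port = portStart; port <= portEnd; ++port) {
        int fd = socket(AF_INET, SOCK_STREAM, 0);
        if (fd < 0) return -1;
        sockaddr_in addr{};
        addr.sin_family = AF_INET;
        addr.sin_port = htons(static_cast<uint16_t>(port));
        // Loopback only: INADDR_ANY would expose the callback to the network.
        addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
        if (bind(fd, reinterpret_cast<sockaddr *>(&addr), sizeof(addr)) == 0 &&
            listen(fd, 1) == 0) {
            chosenPort = port;
            return fd;
        }
        close(fd);  // port already in use, try the next one
    }
    return -1;
}

// The redirect_uri sent in the authorization request carries the chosen port.
std::string redirectUriFor(int port) {
    return "http://127.0.0.1:" + std::to_string(port);
}

// Models the matching the notes describe: compare with the port removed.
// Assumes simple URIs of the form scheme://host[:port][/path], no userinfo.
std::string stripPort(const std::string &uri) {
    std::string::size_type hostStart = uri.find("://");
    if (hostStart == std::string::npos) return uri;
    hostStart += 3;
    std::string::size_type hostEnd = uri.find('/', hostStart);
    if (hostEnd == std::string::npos) hostEnd = uri.size();
    std::string::size_type colon = uri.find(':', hostStart);
    if (colon == std::string::npos || colon >= hostEnd) return uri;
    return uri.substr(0, colon) + uri.substr(hostEnd);
}

bool matchesRegistered(const std::string &registered, const std::string &sent) {
    return stripPort(registered) == stripPort(sent);
}
```

The scheme and host still have to match exactly; only the port is dropped from the comparison.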