Cause:
The application is attempting to authenticate against AAD but is failing to match the URl it is looking for. You might have not given correct reply URL in the registration of your app in AAD, or you have not specified the correct url as the redirect_uri query parameter of the URL when redirecting to the AAD sign in page to allow the user to enter credentials.
Issue can be resolved if you configure same/matching URLS at both places in app registration in AAD and in the web application and also make sure you clear cache.
How to check if both URIs are same:
You can see the reply url/redirect uri during sign-in /Authentication request in the address bar of the browser on the error screen (Recommended to use Chrome or Edge browser) . If it is SAML request, Assertion Consumer Service(ACS)- represents the reply url.
Example:
Work arounds:
Follow these steps to check for your configured Reply URLs in AAD while following the WAYS mentioned and add additional URLs if you want the new uri added in the list :
- Sign into portal.azure.com
- Navigate to Azure Active Directory in the left side bar > App
registrations > Your app > Authentication > Redirect URIs.
WAY1
Remove the slash at the end of the Redirect uri .Try sign-in.
( As reply url in the request is ending with “/” but the reply url configured on the application (with client ID in above error) might be ending without a slash.)
WAY2:
See if both URIs have same protocol (https://)
As AAD will treat http://website.com and https://website.com as two different URLs.
Reference: AAD Auth Failures - Incorrectly configured reply URLs for application | Microsoft Docs
Other wise ,
Suggest you to re-configure your AAD application on Azure and set one or more valid reply URLs.
