Hello everyone. I’ve set up single sign-on for Microsoft Azure Active Directory correctly. I have the client id, secret value, domain name, and I’ve enabled Identifier first. I’ve tested the configuration and during the test, I was able to sign in with my Azure AD credentials successfully. That was the test. Now, the problem is I want to sign in using SSO in production. I don’t have a custom domain name set up; I just simply tried using the default dev-(string of numbers and characters) and I get an “Oops!, something went wrong”. It says there’s a misconfiguration in the system or a service outage. How do I get around this? What am I doing wrong? In Azure, the dev-string is in the Redirect URI field. What am I missing? Thanks in advance.
Hi @johnny.badd
Welcome to the Auth0 Community.
We might need some more information on that error. When the error appears, there may be a “Technical Details” section at the bottom that you can expand with further information. You may also find this in your tenant logs (Dashboard > Monitoring > Logs).
If you let us know what the specific error is we might be able to assist more.
Warm regards.
The error from the logs says this below:
A user has attempted to access a login page directly. This is not supported unless a “Application Login URI” is set for your application, or a “Tenant Login URI” is set for your tenant. For more information, see: Configure Default Login Routes
So, I went to the link provided in the error message and set the setting on the screen for the default Application URI setting and I’m still getting the same error.
Have you set the default login URI at both tenant and application level? If we cannot get information about the client/application then we will fall back on the tenant level setting: https://auth0.com/docs/authenticate/login/auth0-universal-login/configure-default-login-routes
Both values can be set via the dashboard, the fields are called Tenant Login URI and Application Login URI.
Was this the error you got on the “Oops!, something went wrong” screen? Just checking if you managed to find an error on that screen.
Yes, that was the error on the screen.
“Oops!, something went wrong” and then the below:
There could be a misconfiguration in the system or a service outage. We track these errors automatically, but if the problem persists feel free to contact us.
Please try again.
When I click the “Technical Details”, I see this:
invalid_request : Missing required parameter: response_type
Hi @johnny.badd
Ok this is the key bit.
This means that you are not passing the response_type parameter in your /authorize request https://auth0.com/docs/api/authentication#enterprise-saml-and-others-
You may need to check your SDK as to how you should go about doing this https://auth0.com/docs/libraries
Warm regards.
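The check that reply points to, as an added example (not part of the original thread and not Auth0 SDK code): it builds an /authorize request carrying `response_type` and inspects a login URL for the parameters whose absence produces the errors quoted in this thread. The domain, client id, callback URL and connection name are constructed placeholders, and the function names are hypothetical.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

REQUIRED = ("response_type", "client_id")  # REQUIRED in an OAuth 2.0 authorization request (RFC 6749)


def build_authorize_url(domain, client_id, redirect_uri, connection=None):
    """Return (url, state) for an authorization-code login request."""
    state = secrets.token_urlsafe(24)  # unguessable; compare it again on the callback
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": "openid profile email",
        "state": state,
    }
    if connection:  # optional: send the user straight to one enterprise connection
        params["connection"] = connection
    return f"https://{domain}/authorize?{urlencode(params)}", state


def check_authorize_url(url):
    """Return the problems found in a login URL; an empty list means none."""
    parts = urlsplit(url)
    query = parse_qs(parts.query)  # blank values are dropped, so they count as missing
    problems = []
    if parts.scheme != "https":
        problems.append("not https")
    if parts.path.rstrip("/") != "/authorize":
        problems.append("path is not /authorize")  # e.g. the login page opened directly
    for name in REQUIRED:
        if name not in query:
            problems.append(f"missing required parameter: {name}")
    if "redirect_uri" not in query:
        problems.append("missing redirect_uri")
    if "state" not in query:
        problems.append("missing state (callback cannot be tied to this request)")
    response_types = query.get("response_type", [""])[0].split()
    if "id_token" in response_types and "nonce" not in query:
        problems.append("id_token requested without nonce")
    return problems


# Constructed sample values, not taken from the thread.
DOMAIN = "dev-example.us.auth0.com"
GOOD_URL, STATE = build_authorize_url(DOMAIN, "CLIENT_ID_PLACEHOLDER",
                                      "https://app.example.com/callback", "azure-ad-example")
BAD_URL = f"https://{DOMAIN}/authorize?client_id=CLIENT_ID_PLACEHOLDER"
```

`check_authorize_url(BAD_URL)` reports the missing `response_type` seen under “Technical Details”, while `check_authorize_url(GOOD_URL)` returns an empty list.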
And this has to be set up just for Microsoft Azure AD SSO?
Just to take a step back a second:
You’ve set up an enterprise connection to Azure AD and tested the connection via the Try button and that all works https://auth0.com/docs/authenticate/identity-providers/enterprise-identity-providers/azure-active-directory/v2#test-the-connection
You’ve tried to connect via your application and this is not working with the error reported?
If so, you’ve enabled the Azure AD connection against your application?
I note you’ve enabled identifier first. Have you added the relevant domains into the Login Experience tab? https://auth0.com/docs/authenticate/login/auth0-universal-login/identifier-first#define-home-realm-discovery-identity-providers
At what point is the error occurring? Does it get as far as redirecting to Azure for auth?
Warm regards.