I’ve run into a problem I haven’t seen before. I am trying to get a customer set up with an AAD connection to our SaaS product. I went through the whole process as I have with other operational customers, but this one threw a curveball at me.
The error we receive is:
AADSTS900381: Request redirection failed. Tenant ‘.onmicrosoft,com’ specified belongs to the National Cloud ‘MicrosoftOnline,COM’, but Current Cloud Instance ‘microsoftonline,us’ does not federate with ‘MicrosoftOnline,COM’/
This error seems to imply that because our SaaS product is in the gov cloud, and the customer tenant is part of the “National Cloud ‘MicrosoftOnline,COM’”, they can’t federate. From what I gather, National Cloud means “physically isolated instance of Azure”.
For reference, we use the Auth0 .NET SDK’s AuthenticationApiClient to create the redirect URI, as well as to validate the token response.
Is this something in Auth0’s court, our court (the SaaS product in the gov cloud) or our customer’s court (the AAD in the National Cloud)?
I’m not quite sure who to talk to about this.
(I replaced the dots in addresses with commas, since the forum thought they were links and wouldn’t let me post)