DuendeSoftware / Support

Support for Duende Software products

Callback Method not being called after Azure Entra Id Authentication #1015

Closed itsutkarshgoyal closed 11 months ago

itsutkarshgoyal commented 11 months ago

Which version of Duende IdentityServer are you using? Identity Server 6

Which version of .NET are you using? .NET 6

Describe the bug: After the authentication with Azure Entra. I have configured Azure Entra ID through OpenID Connect; after the authentication, it gets stuck in the redirect URI and the callback method does not get called.

In the logs I get: Duende.IdentityServer.ResponseHandling.AuthorizeInteractionResponseGenerator: Information: Showing login: User is not authenticated

AndersAbel commented 11 months ago

Can you please share the redirect/request steps, including the http status code?

It should be something like this:

itsutkarshgoyal commented 11 months ago

p6

AndersAbel commented 11 months ago

/signin-oidc should return a 302 and not a 200. Looking at your configuration I see that you have used the same path for the SignedOutCallbackPath. I think that might be the reason. The handler checks if the SignedOutCallbackPath matches first and when it does, it never runs the code that reads the incoming response. You can leave the SignedOutCallbackPath with the default value which is /signout-callback-oidc.

In Entra Id you should also remove the config that allows implicit and hybrid flows. Your client already uses code flow which is the preferred flow.

itsutkarshgoyal commented 11 months ago

Thanks for the prompt resolution, the callback is hitting now.

AndersAbel commented 11 months ago

That's great news. Can we consider this issue solved and go ahead and close it?

itsutkarshgoyal commented 11 months ago

I had just a follow-up question on this. My implementation of the callback action method is as follows: return

But after redirection, it is staying on IdentityServer instead of actually redirecting to the client URL. The return URL is coming as "/connect/authorize/callback?client_id=fmprohub-web&redirect_uri=http%3A%2F%2Flocalhost%3A3006%2Fshell%2Fsample&scope=openid&response_type=code&state=HC1mRWBMXL0cq9BD&nonce=kTokQVueWWLc&code_challenge=pKK_tFBAwHbeRhHYoiJpkDBwPtF-uEviBboiwUcw9vc&code_challenge_method=S256"

itsutkarshgoyal commented 11 months ago

FYI fyi

itsutkarshgoyal commented 11 months ago

Seems like the Location header in the callback request is not a proper header.

AndersAbel commented 11 months ago

I cannot really follow what is happening without having the full URLs.

Can you please supply the full URLs and response status codes for each step above?

itsutkarshgoyal commented 11 months ago

Thanks, the issue was resolved. I needed to delete the temp external cookie and sign in to the HTTP context, then redirect to the return URL.
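
The sequence described in the last comment, as an added example that is not the poster's code: read the temporary external cookie, sign the user in to IdentityServer, delete the external cookie, then redirect to a validated return URL. The controller name, the "returnUrl" properties key and the "entra" provider label are assumptions, and mapping the external identity to a local account is left out.

```csharp
using System.Security.Claims;
using System.Threading.Tasks;
using Duende.IdentityServer;
using Duende.IdentityServer.Services;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

// Hypothetical controller for illustration; not code from this issue.
public class ExternalController : Controller
{
    private readonly IIdentityServerInteractionService _interaction;

    public ExternalController(IIdentityServerInteractionService interaction)
        => _interaction = interaction;

    [HttpGet]
    public async Task<IActionResult> Callback()
    {
        // 1. Read the temporary cookie written by the OpenID Connect handler at /signin-oidc.
        var result = await HttpContext.AuthenticateAsync(
            IdentityServerConstants.ExternalCookieAuthenticationScheme);
        if (result?.Succeeded != true || result.Principal is null)
            return BadRequest("External authentication failed.");

        var externalId = result.Principal.FindFirst("sub")?.Value
            ?? result.Principal.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (externalId is null)
            return BadRequest("External provider returned no user identifier.");

        // Assumption: the challenge action stored the return URL under the key "returnUrl".
        string? returnUrl = null;
        result.Properties?.Items.TryGetValue("returnUrl", out returnUrl);

        // 2. Create the IdentityServer session. Without this step the authorize
        //    endpoint logs "Showing login: User is not authenticated" again.
        var user = new IdentityServerUser(externalId) { IdentityProvider = "entra" }; // assumed label
        await HttpContext.SignInAsync(user);

        // 3. Delete the temporary external cookie; it is only needed for this hand-off.
        await HttpContext.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);

        // 4. Redirect only to a URL IdentityServer recognises (for example
        //    /connect/authorize/callback?...), never to an arbitrary caller-supplied target.
        if (returnUrl is not null && _interaction.IsValidReturnUrl(returnUrl))
            return Redirect(returnUrl);
        return Redirect("~/");
    }
}
```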