umbraco / Umbraco-CMS

Umbraco is a free and open source .NET content management system helping you deliver delightful digital experiences.
https://umbraco.com
MIT License

Login redirect using incorrect domain from /umbraco/management/api/v1/security/back-office/authorize #16976

Open timlaughlin opened 2 weeks ago

timlaughlin commented 2 weeks ago

Which Umbraco version are you using? (Please write the exact version, example: 10.1.0)

14.2

Bug summary

When running 14.2 in Azure behind an Azure Firewall that is also responsible for the SSL certificate, and accessing the Umbraco login page, /umbraco/management/api/v1/security/back-office/authorize is redirecting the user to the domain of the app service and not the host specified in either UmbracoApplicationUrl or BackOfficeHost.

Specifics

No response

Steps to reproduce

Deploy a clean install of 14.2 to an Azure Web App Service. Configure a custom domain to point to an Azure Firewall and configure backend settings to point to the Web App Service. Log in to Umbraco using the custom domain/umbraco.

Expected result / actual result

The domain of the Azure Web App Service should not be used for any purpose in this scenario. The Azure Firewall in this configuration manages the SSL certificate and communicates with the web app service over port 80.

github-actions[bot] commented 2 weeks ago

Hi there @timlaughlin!

Firstly, a big thank you for raising this issue. Every piece of feedback we receive helps us to make Umbraco better.

We really appreciate your patience while we wait for our team to have a look at this but we wanted to let you know that we see this and share with you the plan for what comes next.

We wish we could work with everyone directly and assess your issue immediately but we're in the fortunate position of having lots of contributions to work with and only a few humans who are able to do it. We are making progress though and in the meantime, we will keep you in the loop and let you know when we have any questions.

Thanks, from your friendly Umbraco GitHub bot :robot: :slightly_smiling_face:

timlaughlin commented 2 weeks ago

[Image: Screenshot 2024-08-28 144628]

The 302 redirect shown in the console is to the domain of the web app service and not the set domain of the site.
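The behaviour reported in this issue can be turned into a repeatable deployment check. The following is an added example, not part of the original issue or of Umbraco's code: it parses a captured response from the authorize endpoint and flags a redirect whose scheme, host or port differs from the public URL. The hostnames and the `/umbraco/login` target are constructed placeholders, and `check_redirect` is a hypothetical helper name.

```python
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def origin(url):
    """Return (scheme, host, port) with the host lower-cased and default ports filled in."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    return scheme, (parts.hostname or "").lower(), parts.port or DEFAULT_PORTS.get(scheme)

def parse_response(raw):
    """Split a raw HTTP response head into (status_code, {lower-cased header: value})."""
    head = raw.split("\r\n\r\n", 1)[0]
    status_line, *header_lines = head.split("\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return int(status_line.split()[1]), headers

def check_redirect(request_url, raw_response, public_url):
    """Classify the response as 'ok', 'no-redirect' or 'wrong-origin'."""
    status, headers = parse_response(raw_response)
    location = headers.get("location")
    if status not in (301, 302, 303, 307, 308) or not location:
        return "no-redirect", None
    # A relative Location resolves against the URL the client requested.
    target = urljoin(request_url, location)
    if origin(target) != origin(public_url):
        return "wrong-origin", target
    return "ok", target

# Constructed sample data: hostnames and redirect path are placeholders,
# not values taken from the issue.
PUBLIC_URL = "https://cms.example.com"
REQUEST_URL = PUBLIC_URL + "/umbraco/management/api/v1/security/back-office/authorize"
BAD = ("HTTP/1.1 302 Found\r\n"
       "Location: http://example-app.azurewebsites.net/umbraco/login\r\n\r\n")
GOOD = "HTTP/1.1 302 Found\r\nLocation: /umbraco/login\r\n\r\n"

if __name__ == "__main__":
    for name, raw in (("bad", BAD), ("good", GOOD)):
        print(name, check_redirect(REQUEST_URL, raw, PUBLIC_URL))
```

The comparison includes the scheme because a proxy that reaches the backend over port 80 can also cause an `http://` redirect on an otherwise correct host.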