Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ADFS 'active_directory' endpoint can't be recognized if trailing slash is present #4213

Closed
viananth opened this issue Aug 14, 2017 · 2 comments
Closed

ADFS 'active_directory' endpoint can't be recognized if trailing slash is present #4213

viananth opened this issue Aug 14, 2017 · 2 comments
Assignees
@yugangw-msft
Labels
Auth
Milestone
Sprint 24

Comments

@viananth
Copy link
Member

viananth commented Aug 14, 2017
edited by troydai
Loading

Description

Outline the issue here:
If the "endpoint-active-directory" parameter for ADFS env has a trailing slash in it, the tenant is not able to login.

Error:

ERROR : az.azure.cli.core.util : Instance Discovery request returned http error: 400 and server response: 
{
  "error":"invalid_instance",
  "error_description":"AADSTS50049: Unknown or invalid instance.\r\nTrace ID: e424a75e-3f92-41ac-b1f1-6fa393da0300\r\nCorrelation ID: b3d0a700-5c5b-4c3f-91b9-0e8001e3ec67\r\nTimestamp: 2017-08-12 08:15:45Z",
  "error_codes":[50049],
  "timestamp":"2017-08-12 08:15:45Z",
  "trace_id":"e424a75e-3f92-41ac-b1f1-6fa393da0300",
  "correlation_id":"b3d0a700-5c5b-4c3f-91b9-0e8001e3ec67"
}

But once the trailing slash was removed, tenant was able to login.
@viananth viananth changed the title ADFS 'active_directory' endpoint can ADFS 'active_directory' endpoint can't be recognized if trailing slash is present Aug 14, 2017
@yugangw-msft yugangw-msft added the Account az login/account label Aug 14, 2017
@yugangw-msft yugangw-msft added this to the Sprint 21 milestone Aug 14, 2017
@yugangw-msft yugangw-msft self-assigned this Aug 14, 2017
@tjprescott
Copy link
Member

@viananth is this related to #4216?

@mayurid mayurid modified the milestones: Sprint 21, Sprint 24 Sep 28, 2017
@yugangw-msft
Copy link
Contributor

Different thing from #4216 .
@viananth, like I communicated in the mail thread, let us settle on how ADFS endpoints in the Stack env would look like, document it, and I will align CLI's auth code for that

@yugangw-msft yugangw-msft mentioned this issue Sep 29, 2017
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yugangw-msft yugangw-msft

Labels
Auth
Projects
None yet
Milestone
Sprint 24
Development

No branches or pull requests
5 participants
@tjprescott @mayurid @yugangw-msft @haroldrandom @viananth