I am new to the Azure Static app and struggling to make Azure AD SSO work with Azure AD app registration. I went through the questions already available on Stack Overflow, but the responses miss the routing config in the staticwebapp.config.json file, and I feel I am making some mistakes there.
Azure Static web app configuration
Now when I try to login using the URL https://black-flower-007ce3a10.2.azurestaticapps.net/login, it gets redirected to https://login.microsoftonline.com//oauth2/v2.0/authorize?response_type=code+id_token&redirect_uri=https%3a%2f%2fblack-flower-007ce3a10.2.azurestaticapps.net%2f.auth%2flogin%2faad%2fcallback&client_id=&scope=openid+profile+email&response_mode=form_post&nonce=91a9c801d3dd4a85b274fecdeb713958_20221109234404&state=redir%3d%252F.auth%252Fcomplete&sso_nonce=&client-request-id=
Any help?
I tried to reproduce the same in my environment and got the same error as below:
The error usually occurs if the API permissions of the Azure AD Application have not been consented to by the Global Admin, like below:
To resolve the error, sign in with a Global Admin account and grant the admin consent for the API permissions like below:
Alternatively, you can also sign in with Global Admin credentials and accept the consent on behalf of the organization like below:
https://login.microsoftonline.com/TenantID/adminconsent?client_id=ClientID
After applying the above setting, when I hit the Authorize URL and signed in with user credentials, I was able to get the response successfully like below:
If you want to allow users to consent to the Application, try the below:
Go to Azure Portal -> Enterprise Application -> User Settings -> Go to Consent and permissions
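As an added example (not part of the question or the answer): a small Python check that parses an authorize redirect like the one in the question, reports an empty tenant segment or client_id and a mismatched redirect_uri, and builds the admin consent URL in the form the answer gives. The function names and the set of checks are assumptions of this example; the sample URL is the question's redirect trimmed to the fields checked.

```python
from urllib.parse import urlsplit, parse_qs, urlencode

CALLBACK_PATH = "/.auth/login/aad/callback"  # path seen in the question's redirect_uri

def check_authorize_url(url, app_host):
    """Return a list of findings for an Azure AD v2.0 authorize redirect URL."""
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    # Path shape is /<tenant>/oauth2/v2.0/authorize; a missing tenant
    # leaves an empty segment, i.e. the '//oauth2' seen in the question.
    segments = parts.path.split("/")
    tenant = segments[1] if len(segments) == 5 else ""
    client_id = query.get("client_id", [""])[0]
    redirect = urlsplit(query.get("redirect_uri", [""])[0])
    scopes = query.get("scope", [""])[0].split()

    findings = []
    if segments[-3:] != ["oauth2", "v2.0", "authorize"]:
        findings.append("not a v2.0 authorize endpoint")
    if not tenant:
        findings.append("tenant segment is empty")
    if not client_id:
        findings.append("client_id is empty")
    if redirect.scheme != "https" or redirect.hostname != app_host:
        findings.append("redirect_uri does not point at the app over https")
    if redirect.path != CALLBACK_PATH:
        findings.append("redirect_uri path is not " + CALLBACK_PATH)
    if "openid" not in scopes:
        findings.append("scope lacks openid")
    return findings

def admin_consent_url(tenant_id, client_id):
    """Build the admin consent URL in the form given in the answer."""
    return ("https://login.microsoftonline.com/" + tenant_id
            + "/adminconsent?" + urlencode({"client_id": client_id}))

# Constructed sample: the redirect from the question, trimmed to the checked fields.
APP_HOST = "black-flower-007ce3a10.2.azurestaticapps.net"
SAMPLE = ("https://login.microsoftonline.com//oauth2/v2.0/authorize"
          "?response_type=code+id_token"
          "&redirect_uri=https%3a%2f%2f" + APP_HOST + "%2f.auth%2flogin%2faad%2fcallback"
          "&client_id=&scope=openid+profile+email&response_mode=form_post")

if __name__ == "__main__":
    for finding in check_authorize_url(SAMPLE, APP_HOST):
        print("finding:", finding)
    # Placeholder identifiers, not real ones.
    print(admin_consent_url("TENANT_ID", "CLIENT_ID"))
```

If the values were only blanked out when the URL was posted, the first two findings do not apply; the redirect_uri and scope checks still do.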