Wondering if someone can explain the difference between CallbackPath and RedirectUrl in AzureAD. In my appsettings.json file, this is what I have
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"TenantId": "mytenantId",
"ClientId": "myclientId",
//"RedirectUrl": "https://localhost:7137/myhome/Index",
"CallbackPath": "/myhome/Index",
"SignedOutCallbackPath": "/signout-callback-oidc"
}
I'm trying to make sense as why RedirectUrl has been commented out and still it works. Why CallbackPath is similar to RedirectUrl.
The redirect URI contains the CallBackPath and is constructed using the scheme, host, port, and path from the request and CallBackPath, and the CallBackPath is the path where the server will redirect after authentication.
As mentioned in the documentation, the CallBackPath is the Open ID Connect redirect URI protocol value as well as the request path within the application's base path where the user-agent will be returned. The middleware will process this request when it arrives. This is the OIDC redirect URI protocol value.
Terms like Redirect URI, Callback URI, Redirection URL, and Reply URL are used interchangeably and some have different names based on legacy terminology in older protocols.