.NET MAUI Browser Delegated Authentication redirect URL invalid

Question

Followed the instructions here for browser-delegated authentication, steps completed under .NET MAUI including "Prepare tenant", "Create .NET MAUI app", and "Sign in and sign out". Code can be found here. As you can see in the images, the RedirectUrl in code matches what is in Azure under app registrations.

However, after entering my email on the login screen and clicking next, I get an invalid_request error that the 'redirect_uri' is not valid.

Possibly related, when I attempt to test my user flow using these instructions, the option to "Run user flow" is missing. I think I meet the prerequisites. I've created the user flow and linked it to my app. How do I verify that my tenant is an external tenant?

Answer 1

You won't be having Run user flow option if you created user flow in normal Microsoft Entra tenant like this:

To resolve this, make sure to create external tenant by clicking this link and switch to newly created directory like this:

In this external tenant, create new app registration and add redirect URI in "Mobile & desktop applications" platform:

Now, create one user flow in this external tenant as below:

Make sure to assign previously created app registration to this user flow:

You can now run the user flow by clicking Run user flow button :