SAP Knowledge Base Article - Preview

3242514 - AADSTS50011 error occurs after redirected to Microsoft Entra ID (Azure AD) as Corporate Identity Provider

Symptom

  • Identity Authentication acts as a proxy to delegate the authentication to Microsoft Entra ID (Azure AD) as corporate identity provider.

  • After redirected to Microsoft Entra ID (Azure AD), the following error occurs:
    • AADSTS50011: The reply URL 'https://<tenant ID>.accounts.cloud.sap/saml2/idp/acs/<tenant ID>.accounts.ondemand.com' specified in the request does not match the reply URLs configured for the application '<Application Name>'. Make sure the reply URL sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/urlMismatchError to learn more about how to fix this.

      
  • Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.


Read more...

Environment

SAP Cloud Identity Services

Product

Identity Authentication 1.0

Keywords

IAS, AADSTS50011, Azure, Entra, ID, Microsoft, CSD, Common Super Domain, Identity Authentication, error, fail, AD, active directory , KBA , BC-IAM-IDS , Identity Authentication Service , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.