Share via

Azure Function - Authentication - Allowed External Redirect URLs

Sean Sparkman 10 Reputation points
2025-09-17T03:52:33.0566667+00:00

I have added acudose://easyauth.callback and https://www.microsoft.com. Only https://www.microsoft.com works. Using the post_login_redirect_url parameter sends me to the done page instead of acudose://easyauth.callback when providing the acudose://easyback.callback, but the post_login_redirect_url parameter of https://www.microsoft.com works just fine. I got through the oauth and redirect just fine to https://www.microsoft.com. This was literally working 24 hours ago. With no change to the authentication configuration. Troubleshooting complains that I don't have it configured. Additionally, at some point acudose://auth stopped working. It said that's not a valid URI. I am guessing Microsoft changed their validation as that's based on their own documentation. I honestly considering using a different service as this is ridiculous. It's no wonder Microsoft no longer calls this EasyAuth.Screenshot 2025-09-16 224751

User's image

Azure Functions
Azure Functions

An Azure service that provides an event-driven serverless compute platform.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Amira Bedhiafi 41,131 Reputation points Volunteer Moderator
    2026-04-07T14:34:56.1266667+00:00

    Hello Sean !

    Thank you for posting on MS Learn Q&A.

    I would not rely on direct deep links like in your case from allowed external redirect URLs anymore and even when I check the official docs I couldn't find anything related to the custom URI schemes for this setting while it is explicitly distinguish post_login_redirect_uri from the identity provider redirect URI which is another hint that Easy Auth expects a normal web URL at that stage.

    As a workaround you can try :

    /.auth/login/aad?post_login_redirect_uri=https%3A%2F%2Fyourdomain.com%2Fauth%2Fbridge

    and then make https://yourdomain.com/auth/bridge do the final hop to your app:

    <script>
  window.location.replace("acudose://easyauth.callback");
</script>

    so this way you keep Easy auth on a supported https redirect then hands off to your custom scheme yourself.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.