Microsoft Provider callback issue
When following the documentation to use Microsoft Provider
we got the following error:
Request Id: df84388e-b0a0-4e6e-ba56-c9e02a9f4400
Correlation Id: 961f6dfe-be9d-470e-a33b-06beb8553901
Timestamp: 2025-07-31T12:32:09Z
Message: AADSTS50194: Application '1e928936-3ba6-4433-b5ac-xxxxxxxxxx'(ZITADEL BCA) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.
When configuring the app to be multi-tenant we ran into the following error: (sensitive information redacted )
AADSTS50011: The redirect URI 'https://xxxxxx.us1.zitadel.cloud/idps/callback' specified in the request does not match the redirect URIs configured for the application '1e928936-3ba6-4433-b5ac-xxxxxxxx'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.
We then configured Microsoft app to use the callback in the error above leading us to error in the image
My configuration looks like the second image in attached
Error AADSTS50011 the redirect URI does not match the redirect URIs...
Describes error AADSTS50011 that occurs when you sign in to an OIDC-based SSO application in Microsoft Entra ID.
14 Replies
hey @Blemming what is your app type taht yiu have created in zitadel?
its a web app
I have the manifest file from microsoft
I redacted some id information but I dont think anything here is too sensitive
@Rajat any ideas as to why the callback given by zitadel doesnt work ?
hey @Blemming welcome to the server, what version are you running at
what version of zitadel I meant 🙂
it is cloud version
i see on github the latest version is 4, is that available on the cloud and how do I upgrade to that
hey @Blemming yes that is the latest version right now that you can run on self hosted
you cant upgrade the cloud version, for that you need to be self hosted
is there an eta for when version 4 will be available on cloud ? our current instance is a test instance so we dont mind if we need to nuke it
we dont have a timeline/roadmap when does the new cloud versions are being rolled out, but it should be out soon
thank you for your time, we are evaluating other solutions for our auth, we are on a tight schedule and the core functionality we chose zitadel does not work
hey @Blemming the redirect URI seems to be wrong here which result in this error, I have set my msft idp to common and it works
i pu tthe redirect uri given to me by zitadel