Sep 27 2024 02:32 AM
Hello,
I have published an application with SAML SSO. from internal, it works fine.
When I connect to https://myapp, all is ok.
I have set up an external Url : https://myapp.my_custom_external.com
When i try to access, i get error AADSTS50011.
I added https://myapp.my_custom_external.com on redirected URI as this article mentionned : https://learn.microsoft.com/en-us/troubleshoot/azure/entra/entra-id/app-integration/error-code-aadst...
But now when i try to access https://myapp.my_custom_external.com, i get a timeout.
Can you help me?
Thanks.
Regards.
Sep 27 2024 05:16 AM
Thank you for your answer but unfortunately I already did this trick and like I said, I get a timeout.
Regards.
Sep 27 2024 12:50 PM - edited Sep 27 2024 12:51 PM
When internal, try and ping the web address that worked (https://myapp) does it resolve an internal address? If so, SAML SSO may still work because it might not be using the App Proxy.
Have you verified you can can communicate between your server hosting the agent and the application? Have you verified that the Server hosting the proxy agent has outbound Internet access and can communicate with Entra ID?
Sep 30 2024 01:12 AM
Sep 30 2024 01:14 AM
Sep 30 2024 01:23 AM - edited Sep 30 2024 01:23 AM
Yeah, that makes sense as it's using internal DNS to resolve the app and just using SAML.
What happens if you remove the custom domain for the app proxy address and use one of Microsofts app proxy addresses. In the Entra portal, is the agent showing as online?
Sep 30 2024 01:35 AM
I cannot change custom domain to msappproxy.net domain, i have to create another application.
I will test.
Yes proxy agent is online.
Sep 30 2024 01:50 AM
Sep 30 2024 05:48 AM
Sep 30 2024 06:04 AM - edited Sep 30 2024 06:12 AM
HEllo,
My firewall has an IP, supposed 10.11.12.13. this is the connector external IP BUT port 443 is redirected to vpnssl webpage. Could it be an explanation?
Sep 30 2024 06:08 AM
Sep 30 2024 06:17 AM
Sorry, i have recheck and i can see thios error.
Sep 30 2024 07:49 AM
Oct 01 2024 02:12 AM - edited Oct 01 2024 02:13 AM
SolutionOk it works now
I ve got a fortigate, with webfilter or other security profile, it does not work, i had to open Internet services.
Like this :
thanks for help.
Oct 01 2024 02:12 AM - edited Oct 01 2024 02:13 AM
SolutionOk it works now
I ve got a fortigate, with webfilter or other security profile, it does not work, i had to open Internet services.
Like this :
thanks for help.