No reply address is registered for the application when there is one configured

H. Pauwelyn picture H. Pauwelyn · Jul 18, 2019 · Viewed 10.4k times · Source

I'm making a WPF application and it must get a key from Azure Key Vault, but I've always this error:

AADSTS500113: No reply address is registered for the application.

This is my code I use:

public class KeyProvider
{
    public string BaseUrl => "https://my-key-vault.vault.azure.net";
    public Uri RedirectUri => new Uri("urn:ietf:wg:oauth:2.0:oob");
    public KeyVaultClient KeyVaultClient { get; private set; }

    public KeyProvider()
    {
        KeyVaultClient = new KeyVaultClient(GetAccessToken);
    }

    public async Task<string> GetSecretAsync(string key)
    {
        SecretBundle secret = await KeyVaultClient.GetSecretAsync(BaseUrl, key);
        return secret.Value;
    }

    private async Task<string> GetAccessToken(string azureTenantId, string clientId, string redirectUri)
    {
        AuthenticationContext context = new AuthenticationContext(azureTenantId);
        AuthenticationResult tokenResult = await context.AcquireTokenAsync("https://vault.azure.net", clientId, RedirectUri, new PlatformParameters(PromptBehavior.RefreshSession));

        return tokenResult.AccessToken;
    }
}

When I debug GetAccessToken, I see that redirectUri (the argument from the method) is an empty string.

This is my configuration in the Azure portal.

Did I miss anything?

Answer

Jack Jia picture Jack Jia · Jul 18, 2019

In your code, the redirect uri is http. But in your application, it is https. Please try to set them as the same one.

Update:

Permissions:

enter image description here

Platform:

enter image description here

Add access policy for the user in Key Vault.

enter image description here

Code:

class Program
{
    public static string clientId = "d4c9b2ed-****-****-****-30a787f7c928";
    public static string redirectUri = "https://localhost/";
    public static string baseUrl = "https://jackkv.vault.azure.net/";

    public static async Task<string> AuthenticationCallback(string authority, string resource, string scope)
    {
        var result = await new AuthenticationContext(authority).AcquireTokenAsync(resource, clientId, new Uri(redirectUri), new PlatformParameters(PromptBehavior.RefreshSession));
        return result.AccessToken;
    }


    static void Main(string[] args)
    {

        Console.ReadLine();

        KeyVaultClient kvc = new KeyVaultClient(AuthenticationCallback);
        var secret = kvc.GetSecretAsync(baseUrl, "testSecret").Result;

        Console.WriteLine(secret.Value);

        Console.ReadLine();
    }
}

Result:

enter image description here