ERROR AADSTS
AADSTS900971
App registration is missing a redirect URI
in plain english
The OAuth/OIDC flow needs to know where to send the user back after authentication. The app didn't send a redirect_uri in the request and there isn't a default one configured on the app registration. App-reg config error, not a user error.
most likely causes
- App registration has zero redirect URIs configured for the platform being used (Web / SPA / Mobile)
- The auth library didn't include redirect_uri in the request and there's no default registered
- Redirect URI was registered on the wrong platform tab (e.g. SPA URI registered under Web)
- Note: a redirect_uri value that doesn't MATCH a registered URI surfaces as AADSTS50011, not 900971
fix path
- Entra portal → Identity → App registrations → <app> → Authentication → add the platform (Web / SPA / Mobile) and the redirect URI
- Confirm the URI matches EXACTLY what the app sends (including https vs http, trailing slash, port number)
- For SPA apps using MSAL.js: the URI must be on the Single-page application platform, NOT Web
- Check the app's code/config for the redirect_uri value — that's the literal string Entra expects to find on the registration
seen in
Custom app first run · App registration setup · Postman or local development against Entra
related
verified