
Unable to create SingleAccountPublicClientApplication for Azure AD on Android


As per the instructions at https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-android I generated a development signature hash using KeyTool and registered my application in the Azure portal.

The portal generated an MSAL configuration that I then pasted into res.raw.auth_config.json in the project (my-app-client-id and my-app's package name are just placeholders in the sample below; the actual values were auto-generated by Azure):

    {
      "client_id" : "<my-app-client-id>",
      "authorization_user_agent" : "DEFAULT",
      "redirect_uri" : "msauth://<my-app's package name>/npYKnQBHywGAasZflTy2xmdpEiU%3D",
      "authorities" : [
        {
          "type": "AAD",
          "audience": {
            "type": "AzureADMultipleOrgs",
            "tenant_id": "organizations"
          }
        }
      ]
    }

I then added the following to AndroidManifest.xml:

    <application>
    [..]
            <!--Intent filter to catch Microsoft's callback after Sign In-->
            <activity
                android:name="com.microsoft.identity.client.BrowserTabActivity">
                <intent-filter>
                    <action android:name="android.intent.action.VIEW" />
                    <category android:name="android.intent.category.DEFAULT" />
                    <category android:name="android.intent.category.BROWSABLE"/>

                    <!--
                        Add in your scheme/host from registered redirect URI
                        note that the leading "/" is required for android:path
                    -->
                    <data
                        android:scheme="msauth"
                        android:host=""
                        android:path="/<signature-generated-by-keytool>" />
                </intent-filter>
            </activity>
    [...]
    </application>

In my activity's onCreate() I attempt to create a single account client application as follows:

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_single_account_model);
        initializeUI();

        PublicClientApplication.createSingleAccountPublicClientApplication(this,
            R.raw.auth_config,
            new IPublicClientApplication.ISingleAccountApplicationCreatedListener() {
                @Override
                public void onCreated(ISingleAccountPublicClientApplication application) {
                    mSingleAccountApp = application;
                    loadAccount();
                }

                @Override
                public void onError(MsalException exception) {
                    displayError(exception);
                }
            });
    }

Unfortunately, the PublicClientApplication.createSingleAccountPublicClientApplication() call crashes the app with the following error:

java.lang.IllegalStateException: The redirect URI in the configuration file doesn't match with the one generated with package name and signature hash. Please verify the uri in the config file and your app registration in Azure portal.

I can't figure out why this is happening, because the config file's content was generated by the Azure portal, and the package name, signature hash, and redirect URI match whatever is shown in the portal.

I'd appreciate any suggestions.


Solution

In short: this is likely a problem with your debug keystore. I was having this same problem recently; it ended up being a problem when I was creating the hash on the command line with their instructions. What solved it for me was re-doing the app registration process on the Azure portal, and when you create the hash on the command line, make sure to use the password for your Android keystore (default is 'android'). The first time I did it I used the default password for the JDK keystore, and it still created a hash for me, but it resulted in the error you described. I'm not entirely sure how the whole process works and would love for another person to clarify, but what I described above solved the issue for me.
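
The check behind the error message, as an added example (not code from the question, the answer, or MSAL): the signature hash is Base64 of the SHA-1 digest of the signing certificate, and the redirect URI is `msauth://<package>/<URL-encoded hash>`. It assumes the hash was produced by piping keytool's output into a hashing step, which digests whatever bytes arrive, so an error message yields a plausible-looking but wrong hash; the function names, the package name `com.example.app` and the sample bytes are constructed for illustration.

```python
import base64
import hashlib
from urllib.parse import quote


def raw_hash(data: bytes) -> str:
    """Base64(SHA-1(data)): what a blind hashing pipeline yields for ANY input."""
    return base64.b64encode(hashlib.sha1(data).digest()).decode("ascii")


def looks_like_der_cert(data: bytes) -> bool:
    """Cheap structural check: ASN.1 SEQUENCE (0x30) with a two-byte long-form
    length (0x82) that spans the rest of the input, as typical X.509 certs have."""
    if len(data) < 4 or data[0] != 0x30 or data[1] != 0x82:
        return False
    return int.from_bytes(data[2:4], "big") == len(data) - 4


def signature_hash(cert: bytes) -> str:
    """Signature hash of an exported certificate; refuses non-certificate input."""
    if not looks_like_der_cert(cert):
        raise ValueError("not a DER certificate: " + cert[:60].decode("ascii", "replace"))
    return raw_hash(cert)


def redirect_uri(package: str, sig_hash: str) -> str:
    """The form used in auth_config.json: the hash is URL-encoded ('=' -> %3D)."""
    return f"msauth://{package}/{quote(sig_hash, safe='')}"


def find_mismatches(package, cert, config_uri, manifest_host, manifest_path):
    """Name the config/manifest values that disagree with the certificate."""
    sig = signature_hash(cert)
    problems = []
    if config_uri != redirect_uri(package, sig):
        problems.append("redirect_uri")
    if manifest_host != package:
        problems.append("android:host")
    if manifest_path != "/" + sig:  # leading "/", hash NOT URL-encoded here
        problems.append("android:path")
    return problems


# Constructed stand-ins: not a real certificate and not captured tool output.
SAMPLE_CERT = b"\x30\x82\x00\x04" + b"\x01\x02\x03\x04"
SAMPLE_ERROR = (b"keytool error: java.io.IOException: "
                b"Keystore was tampered with, or password was incorrect\n")
SAMPLE_PACKAGE = "com.example.app"
```

Running `signature_hash` on the bytes actually exported from the keystore, before registering the hash in the portal, surfaces a wrong-password export as an error instead of a silently wrong redirect URI.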