I was working on a federated application that used OpenID, which obviously required organizational consent to grant permissions. That was completed successfully, but when people tried to log in, they got this error:
AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption
That looks something like this:
I have never seen this particular error before. However, some of the articles report that your sign-in URI does not match the URI in your redirection for this application; this was not the case in my example.
The problem we had was down to how the authentication method had been set up for the redirect URI. From the App Registration, choose Authentication:
You will then need to choose "Add Platform".
You will then be given two options: "web" and "single page application".
This is where you need to choose the correct option. You can use the list below to figure out which option you require. In our example, "single page" had been chosen, when the correct option was "website".
Single page application:
- One HTML document
- No navigation between pages
- All content loads on one page

Website:
- Multiple interconnected pages
- Navigation menu/structure
- Separate HTML documents for each page
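
The platform mismatch described above can also be checked offline against an exported app registration. This is an added example, not part of the original post: it assumes the export follows the Microsoft Graph application object shape (`web.redirectUris` and `spa.redirectUris`), and the sample data, URIs and function names are constructed for illustration.

```python
import json

# Constructed sample in the shape of a Microsoft Graph application object.
# The display name and URIs are placeholders, not values from the post.
SAMPLE_APP = json.loads("""
{
  "displayName": "example-federated-app",
  "web": {"redirectUris": ["https://app.example.com/health"]},
  "spa": {"redirectUris": ["https://app.example.com/signin-oidc"]}
}
""")

PLATFORMS = ("web", "spa")


def platforms_for(app, redirect_uri):
    """Return the platform sections whose redirectUris list this exact URI."""
    return [p for p in PLATFORMS
            if redirect_uri in ((app.get(p) or {}).get("redirectUris") or [])]


def audit_redirect(app, redirect_uri, app_kind):
    """Compare where redirect_uri is registered with what the app really is.

    app_kind is 'web' for a site made of multiple interconnected pages and
    'spa' for a single HTML document that loads all content on one page.
    """
    if app_kind not in PLATFORMS:
        raise ValueError(f"app_kind must be one of {PLATFORMS}")
    found = platforms_for(app, redirect_uri)
    if not found:
        return "unregistered", "URI is not listed under web or spa"
    if found == [app_kind]:
        return "ok", f"URI is registered under '{app_kind}' as expected"
    if len(found) > 1:
        return "ambiguous", "URI is listed under both platforms; keep one"
    # Registered under exactly one platform, and it is the wrong one. With
    # app_kind == 'web' and found == ['spa'] this is the case from the post.
    return "mismatch", (f"URI is under '{found[0]}' but the app is "
                        f"'{app_kind}'; re-add it under '{app_kind}'")


if __name__ == "__main__":
    print(audit_redirect(SAMPLE_APP,
                         "https://app.example.com/signin-oidc", "web"))
```

A `mismatch` result for a website whose redirect URI sits under `spa` is the configuration that produced AADSTS9002325 in this post.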