Login adminconsent redirect_uri

[LeonYasoon]

Hi Teams.
Not sure where to correct place to raise this issue would be, so please feel free to point me in the right direction.

When creating an adminconsent URL like https://login.microsoftonline.com/organizations/v2.0/adminconsent?client_id={{CLIENTID}}&scope={{SCOPES}}&redirect_uri={{REDIRECTURI}}&state={{STATE}} and confirming the admin consent, the user is sometimes redirect to a URI that is shaped like {{REDIRECTURI}}?admin_consent=True&tenant={{TENANTID}}&state={{state}}Sign+in+to+your+account which leads to the state being corrupted by the string "Sign in to your account" beeing appended.

[Prasad-MSFT]

Hi @LeonYasoon, thanks for raising your issue. Could you please provide more details on your issue? Any repro video would be really helpful.

[LeonYasoon]

Sure, here is what the flow looks like:

Open a Microsoft adminconsent login URL that is shaped like https://login.microsoftonline.com/organizations/v2.0/adminconsent?client_id={{CLIENTID}}&scope={{SCOPES}}&redirect_uri={{REDIRECTURI}}&state={{STATE}}

Select an admin account and approve the request

Sometimes, the redirect uri that is provided with the adminconsent URL is called with the provided state but also with the string "Sign+in+to+your+account" appended to the state query, which can be seen here in our access logs:

[LeonYasoon]

Also, please excuse me if this is not the right place to raise this request and feel free to point me in the right direction.

[Prasad-MSFT]

Thanks for providing the details. We are checking this with engineering team. We will inform you once we have any update.