Rev 01 note
Some parts of this article are updated 09.08.2024 to conform with the RFC3986 Uniform Resource Identifier (URI) standard.
Login process with Azure AD identity provider
When a user navigates to any secured page, the Power Pages redirects the user to the sign in page:
https://your.powerappsportals.com/SignIn
5a0c25a6-4739-ef11-8409-6045bd8728a9 is your Azure AD tenant.
Clicking a button Azure AD on this page will trigger the authentication process redirect which can also be initiated by navigating to the following URL:
https://your.powerappsportals.com/Account/Login/ExternalLogin?provider=https://login.windows.net/5a0c25a6-4739-ef11-8409-6045bd8728a9/&ReturnUrl=%2F
After successful authentication, the user will be taken to the page from the ReturnUrl route. In this case it's the Home page as %2F is the URI-encoded /.
Default pages with public access
Even if you set Page Permissions of all your pages to Authenticated Users web role only, there are some inbuilt pages which will by default be available publicly. These include:
https://your.powerappsportals.com/SignIn
https://your.powerappsportals.com/Account/Login
https://your.powerappsportals.com/Account/Login/Logoff
https://your.powerappsportals.com/Account/Login/Register
https://your.powerappsportals.com/Account/Login/ExternalAuthenticationFailed
https://your.powerappsportals.com/_layout/tokenhtml
Navigating to these pages will not trigger the authentication process.
Navigation to a specific hash (fragment) after login
Let's say that I want to go directly to the following route:
https://your.powerappsportals.com/?name=valves&status=active#suppliers
If my user session is active, I may just paste this link to the url bar and see the results I wanted. Since I'm already authenticated, no login redirect is required.
But if I'm not authenticated or my session is expired, the login redirect will be triggered with the following ReturnUrl:
https://your.powerappsportals.com/Account/Login/ExternalLogin?provider=https://login.windows.net/5a0c25a6-4739-ef11-8409-6045bd8728a9/
&ReturnUrl=%2F?name=valves&status=active#suppliers
And... after successful authentication I will be redirected to the Home page instead of the requested route. This happens due to the hash sign and all that comes after it is lost during redirect.
How to fix
In the ReturnUrl the hash sign # shall be replaced with %23 so that this part of the redirect url:
...ReturnUrl=%2F?name=valves&status=active#suppliers
becomes:
...ReturnUrl=%2F?name=valves&status=active%23suppliers
How to automate this is in the next post...
Top comments (0)