I have implemented next-auth v5 into my Next.js application and everything is working fine locally; however, after I deploy to my Azure App Service, it no longer works. After I select my Microsoft Entra ID account (formerly Azure Active Directory account), I get an error indicating HTTP ERROR 404 for my-application.azurewebsites.net/api/auth/callback/microsoft-entra-id?code=long-code. I have attached redacted screenshots of it working on localhost and not working when deployed to the Azure App Service.
Localhost:
- authorize call is successful
- reprocess call is successful
- /api/auth/callback/microsoft-entra-id call is successful
- everything works as expected
Azure App Service:
- authorize call is successful
- reprocess call is successful
- /api/auth/callback/microsoft-entra-id call fails: 404 Not Found
Network tab of failing calls
Binaries:
- Node: 20.12.2 – C:Program Filesnodejsnode.EXE
- npm: 10.5.0 – C:Program Filesnodejsnpm.CMD
Browsers: - Edge: Chromium (123.0.2420.81)
- Internet Explorer: 11.0.22621.1
npmPackages: - next: ^14.1.0 => 14.2.3
- next-auth: ^5.0.0-beta.18 => 5.0.0-beta.18
- react: ^18 => 18.2.0
I did try to hit the dynamic route directly: my-application.azurewebsites.net/api/auth/callback/microsoft-entra-id?code=abcd&session_state=1234 and originally I got a redirect to:
- https://0.0.0.0/api/auth/error?error=Configuration
I then did a little searching through the documentation and found the AUTH_URL environment variable and set that to: my-application.azurewebsites.net/api/auth
After that when I hit my-application.azurewebsites.net/api/auth/callback/microsoft-entra-id?code=abcd&session_state=1234 I get an appropriate error screen indicating: Server error There is a problem with the server configuration. Check the server logs for more information.
I did check the server logs and they report: InvalidCheck: PKCE code_verifier cookie was missing.. Read more at errors.authjs.dev#invalidcheck which makes sense because my code and session_state query parameters are bogus.
However, when I go through the normal authentication flow, I still get the same HTTP ERROR 404 when it calls: my-application.azurewebsites.net/api/auth/callback/microsoft-entra-id?code=
I do see in the logs: [auth][warn][env-url-basepath-redundant][0m Read more: warnings.authjs.dev#env-url-basepath-redundant, but I don’t set authConfig.basePath myself at all.
user25140135 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.