Share via

Urgent: Azure Account Access Blocked - Error 400 (redirect_uri_mismatch)

Michael Johnson 0 Reputation points
2026-05-15T15:22:02.51+00:00

Support Request

Subject:

Description: Hello Support Team,

I am currently blocked from accessing my Azure account and am unable to make necessary changes to Entra ID. When attempting to sign in with my Google credentials, authentication fails and returns an invalid request error.

Here are the specific details:

Error Message: Access blocked: This app’s request is invalid.

Specific Error Code: Error 400: redirect_uri_mismatch

Context: This occurred while attempting to authenticate to manage Entra ID.

Based on the error code, it appears the redirect URI sent in the authentication request does not match the authorized redirect URIs configured for the Google Identity Provider integration.

Could you please review the application's configuration and ensure the correct Azure redirect URIs are whitelisted in the Google OAuth settings so I can regain access?

Thank you,

Michael Johnson

******@gmail.com

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2026-05-15T15:22:15.2466667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    The error 400: redirect_uri_mismatch indicates that the redirect URI used in the sign-in request does not match the redirect URI configured on the identity provider side. In this scenario, the Google OAuth app configuration must be updated to match the Azure/Microsoft Entra configuration.

    To resolve the issue, the application owner or tenant administrator needs to:

    1. Identify the exact redirect URI Azure/Microsoft Entra is sending:
      • Trigger the sign-in again and capture the redirect URI shown in the error details, or
      • From the Azure portal, open the relevant app registration and copy the redirect URI configured there.
    2. Verify and update the redirect URI in the identity provider (Google) configuration:
      • In the Google Cloud/Google Identity Provider configuration for this app, locate the list of authorized redirect URIs.
      • Add the exact redirect URI that Azure/Microsoft Entra is using (must match character-for-character, including scheme, path, and any trailing slashes).
    3. Save changes and retry sign-in:
      • After updating the Google OAuth configuration, save the changes.
      • Wait a few minutes for propagation, then attempt sign-in again.

    If the redirect URI being sent from the application is not the one that should be used, the app’s own configuration or code must be updated so that it sends the correct redirect URI that matches what is configured on both Azure/Microsoft Entra and Google.

    If access to Azure is currently blocked for the affected user and there is no other admin account available, another tenant administrator must perform these configuration changes, or support must be engaged from an account that still has access.

    References:

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.