Mobile App OpenID Redirect URI Incompatible with Azure AD

bbollard 2 days ago

Hello Traccar Team,

I’m integrating the Traccar Manager mobile app with Microsoft Azure AD using OpenID Connect, and I’ve run into a redirect URI compatibility issue that appears to come from the mobile app’s implementation.

During authentication, the Traccar Manager app sends the following redirect URI:

org.traccar.manager:/api/session/openid/callback

Notice that it contains only one slash after the scheme (org.traccar.manager:/).

Azure AD requires an exact string match for redirect URIs, but it also enforces a stricter validation rule for custom schemes: they must follow the format:

customscheme://path

Because of this, Azure AD rejects the single‑slash URI. It cannot be added through the Azure Portal, Azure CLI, or Microsoft Graph API. All attempts return a validation error, even though the URI is technically valid per RFC 3986.

To confirm, Azure AD does accept this version:

org.traccar.manager://api/session/openid/callback

…but the mobile app does not use it.

As a result, authentication fails with:

AADSTS50011: The redirect URI does not match the registered redirect URI.

Would it be possible to update the Traccar Manager mobile app so that it uses the standard custom‑scheme format with two slashes after the scheme, for example:

org.traccar.manager://api/session/openid/callback

This change would make the redirect URI compatible with Azure AD and allow the OpenID login flow to complete successfully.

Thank you for your help, and please let me know if you need any additional details.

Anton Tananaev 2 days ago

bbollard 2 days ago

If I'm reading the code change correctly, it looks to be a smart solution that would allow both URI formats to be consumed correctly.

What is the typical timeframe from a merge into main to make it into a published app in the app store?

Thanks for the quick turnaround!

Anton Tananaev 2 days ago

There's no regular schedule.
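
The two redirect URIs discussed in this thread differ both as strings and as RFC 3986 parses, which is why an exact-match check rejects one when the other is registered. The sketch below shows the difference and one way a client could accept a callback in either form. It is an added example, not part of the thread and not the Traccar Manager code; effective_path, parse_callback and the sample code/state values are hypothetical.

```python
from typing import Optional
from urllib.parse import parse_qs, urlsplit

SCHEME = "org.traccar.manager"                  # scheme from the thread
CALLBACK_PATH = "/api/session/openid/callback"  # path from the thread

# Constructed sample callbacks; the code/state values are made up.
SINGLE = "org.traccar.manager:/api/session/openid/callback?code=abc123&state=xyz789"
DOUBLE = "org.traccar.manager://api/session/openid/callback?code=abc123&state=xyz789"


def effective_path(uri: str) -> Optional[str]:
    """Return the callback path for either slash form, or None for a foreign scheme."""
    parts = urlsplit(uri)
    if parts.scheme != SCHEME:
        return None
    if parts.netloc:
        # After "//" the first segment ("api") is parsed as the authority and
        # the path is only "/session/openid/callback"; fold the authority back in.
        return "/" + parts.netloc + parts.path
    return parts.path


def parse_callback(uri: str) -> Optional[dict]:
    """Hypothetical handler: accept both forms, reject everything else."""
    if effective_path(uri) != CALLBACK_PATH:
        return None
    query = parse_qs(urlsplit(uri).query)
    if "code" not in query or "state" not in query:
        return None
    return {"code": query["code"][0], "state": query["state"][0]}


if __name__ == "__main__":
    for uri in (SINGLE, DOUBLE):
        p = urlsplit(uri)
        print(f"authority={p.netloc!r:6} path={p.path!r:32} -> {parse_callback(uri)}")
    # The identity provider compares redirect URIs as strings, so these differ.
    print("exact string match:", SINGLE.split("?")[0] == DOUBLE.split("?")[0])
```

Folding the authority back into the path means a URI carrying userinfo or a port in the authority position no longer equals the expected path and is rejected.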