Recently while working on Sitecore 9.2 on Azure PaaS, we implemented Azure AD Login using Sitecore Identity Service. Everything was pretty straight forward and worked like a charm.
Later on we observed that when we are trying to access any Sitecore Admin Page like Showconfig.aspx, Cache.aspx, Jobs.aspx, EventQueueStats.aspx user was ending up with an infinite loop with the URLs changing back and forth between Sitecore URL and Identity Service URL. As a result login was never a success.
For ex. when I navigate to
/sitecore/admin/showconfig.aspx, I get an access denied error, then get redirected to the identity server, into which I have already logged in. The identity server then redirects me back to the original URL, which throws an access denied error again and redirects me back to the identity server. This will go on forever if I don’t stop it.
To fix this you need to make sure that
/sitecore/admin/ is present in the
siteNeutralPaths. On the CM Role navigate to the
/app_config/Sitecore/ Owin.Authentication/Sitecore.Owin.Authentication.config. Once configured you should be all set with the login and access to the admin pages.
Wait a Sec:
For the change above are you going to modify the original `
Sitecore.Owin.Authentication.config`file? Naah! that’s a bad idea. You should rather patch it. Having trouble patching the Sitecore config files?
Hope this helps!