Copy link to clipboard
Copied
Microsoft Purview Information Protection support in Acrobat
The feature works perfectly in version 24.003.20180, but updating Acrobat past that version we are getting an error:
AADSTS50011: The redirect URI 'acrobat2021.oauth2://miplogin' specified in the request does not match the redirect URIs configured in the application 97bd680b-f203-4917-a342-308a3de4094a
checking Azure > Enterprise Applications, Adobe Acrobat (application ID 97bd680b-f203-4917-a342-308a3de4094a) is configured with reply URL 'https://msmip.acrobat.com/authorize'
We did a Fiddler trace with version 24.003.20180 and 24.004.20220. The trace shows the redirect_uri in those versions are different.
Microsoft was originally contacted regarding this issue. However, they were unable to assist as this application is owned by Adobe - The application owner would have to update the application redirect_url
Has anyone else using this feature experienced this?
Copy link to clipboard
Copied
Hope you are doing well. Sorry for the trouble.
It looks like the browser authentication is not set up for the workflow to follow through.
Would you mind trying the same and letting us know if it works?
Please refer to the Setup requirements for browser authentication in the MIP Workflow here: Microsoft Purview Information Protection support in Acrobat
Look forward to hearing from you.
-Souvik
Copy link to clipboard
Copied
The system has been configured in accordance with the document provided.
Further internal testing revealed the feature works in Acrobat version 24.003.20180, but was broken in all version after.
Copy link to clipboard
Copied
I am having the same exact problem:
In fact, I am also seeing that when I try to consent the Adobe Reader Enterprise App in Entra ID, I get redirected to msmip.reader.com, and as far as I can tell (though, I was surprised to find out) reader.com doesn't appear to be owned by Adobe:
Also notice that NSLOOKUP resolves for the Acrobat URL that you get redirected to when doing the same for the Adobe Acrobat (not Reader) Enterprise App consent process.
This is what reader.com resolves too:
And.. Entra ID logs effectively say the same thing that original poster called out in their Fiddler trace.. which is that the installed app is presenting the incorrect information to the Enteprirse App, and that this is a developer issue:
Please help!
Copy link to clipboard
Copied
Hello - any update on this?