
InstallUtility failing to create AD Application with IdentifierUri 'SignService'

Open robot-o opened this issue 3 years ago • 0 comments

When attempting to set up the SignService using the InstallUtility as outlined in the Deployment.md documentation, after cloning, building, running and logging in, the application crashes with an unhandled exception:

DataServiceClientException: {"odata.error":{"code":"Request_BadRequest","message":{"lang":"en","value":"Values of identifierUris property must use a verified domain of the organization or its subdomain: 'https://SignService/uuid'"},"requestId":"requestid","date":"2022-03-18T13:17:10","values":[{"item":"PropertyName","value":"identifierUris"},{"item":"PropertyErrorCode","value":"HostNameNotOnVerifiedDomain"},{"item":"HostName","value":"https://SignService/uuid"}]}}

Apparently the default IdentifierUris value https://SignService/<uuid>, as defined in https://github.com/dotnet/SignService/blob/9560fc6f77bf1bfd013d557a53549b95e634cd3f/src/InstallUtility/Program.cs#L486-L489, won't work unless it's present in AAD / Custom Domains.

When we changed it to a custom domain that is present as at least 'verified' in AAD -> Custom Domains, the creation of the Application succeeded.

Are we supposed to edit the Program.cs to add the URI there, or did the IdentifierUris value https://SignService/GUID get accepted by AAD at some point in the past and a platform change has caused this exception to be thrown?

robot-o, Mar 18 '22 13:03
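
A pre-flight check for the rule quoted in the error message above ("must use a verified domain of the organization or its subdomain"), as an added example that is not part of the original issue or of the SignService code base. The class and method names and the `contoso.example` domain are assumptions made for illustration, and the check covers only the verified-domain rule stated in that message.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical helper, not from InstallUtility.
static class IdentifierUriCheck
{
    // True when the URI's host equals a verified domain or is a subdomain of one.
    // Matching is done on whole DNS labels, so "notcontoso.example" does not
    // pass as a subdomain of "contoso.example".
    public static bool UsesVerifiedDomain(string identifierUri, IEnumerable<string> verifiedDomains)
    {
        if (!Uri.TryCreate(identifierUri, UriKind.Absolute, out var uri) || string.IsNullOrEmpty(uri.Host))
            return false;

        var host = uri.IdnHost.TrimEnd('.');
        return verifiedDomains
            .Select(d => d.Trim().TrimEnd('.'))
            .Where(d => d.Length > 0)
            .Any(d => host.Equals(d, StringComparison.OrdinalIgnoreCase)
                   || host.EndsWith("." + d, StringComparison.OrdinalIgnoreCase));
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample data: replace with the domains shown as verified in the tenant.
        var verified = new[] { "contoso.example" };
        var id = Guid.NewGuid();
        var candidates = new[]
        {
            $"https://SignService/{id}",                 // default shape from the issue: rejected
            $"https://contoso.example/{id}",             // verified domain itself
            $"https://signservice.contoso.example/{id}", // subdomain of a verified domain
            $"https://notcontoso.example/{id}",          // shares only a string suffix: rejected
        };

        foreach (var c in candidates)
        {
            var verdict = IdentifierUriCheck.UsesVerifiedDomain(c, verified) ? "ok    " : "reject";
            Console.WriteLine($"{verdict} {c}");
        }
    }
}
```

Running the check before the application is created surfaces the `HostNameNotOnVerifiedDomain` condition locally instead of as an unhandled `DataServiceClientException`.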