OpenIdConnect signin-oidc route not handled by ASP.NET MVC


I am using an external OIDC identity provider to log my users into my webshop. The webshop is being built on ASP.NET MVC with .NET Framework 4.7.2.

I have started using the basic MVC template and adding my authentication code.

public void ConfigureAuth(IAppBuilder app)

    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();// = new Dictionary<string, string>();


    app.UseCookieAuthentication(new CookieAuthenticationOptions
        AuthenticationType = CookieAuthenticationDefaults.AuthenticationType

    var authority = "";
    var redirectUri = "http://localhost:8888/signin-oidc";
    var postlogoUri = "http://localhost:8888/signout-callback-oidc";
    var clientId = "MyClientId";
    var clientSecret = "MyClientSecret";

    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        ClientId = clientId,
        ClientSecret = clientSecret,
        Authority = authority,
        RedirectUri = redirectUri,
        PostLogoutRedirectUri = postlogoUri,
        ResponseType = "code",
        Scope = "openid favorites",
        SignInAsAuthenticationType = "Cookies",
        RequireHttpsMetadata = false,

When i hit login on my page, i get redirected to my authentication provider, also the correct redirectUri is passed.

public class AccountController : Controller
    public ActionResult Login()
        if (!HttpContext.User.Identity.IsAuthenticated)
            return new HttpUnauthorizedResult();

        return RedirectToAction("Index", "Home");


However, after i succesfully authenticate with my external provider and get redirected to my site (currently its just http://localhost:8888/signin-oidc for dev purposes) the route is not handled. I am getting a 404, so something clearly isn't working like it is supposed to do.

I have installed ELMAH and this reports the following exception message:

System.Web.HttpException (0x80004005): The controller for path '/signin-oidc' was not found or does not implement IController.

For context: The same works in an ASP.NET Core API, using the same external openid provider with identical configuration.
asked on Stack Overflow Jun 6, 2019 by UrbanEsc • edited Jun 6, 2019 by UrbanEsc

2 Answers


For anyone browsing this in the future, this is the answer:

Owin.OpenIdConnect does not support "code" only ResponseTypes. You need to set "id_token" too. If, for any reason, you cannot do this, you will basically need to implement parts of the spec yourself (mainly by hooking up into the MessageReceived Notifications Event).

See this part in the source code of the OpenIdConnect Handler:

answered on Stack Overflow Jun 7, 2019 by UrbanEsc

I had this in my Home

public void SignIn()
    if (!Request.IsAuthenticated)
            new AuthenticationProperties { RedirectUri = "/" },

and similar RedirectUri parameter could be add to SignOut too

public void SignOut()
            new AuthenticationProperties { RedirectUri = Request.Url.Scheme + "://" + Request.Url.Authority },
answered on Stack Overflow Sep 4, 2020 by Tom

User contributions licensed under CC BY-SA 3.0