STP - URI mismatch error

SuzieM
SuzieM Member Posts: 3 Novice Member Novice Member

Since transitioning to STP2 I have been uploading our fortnightly STP to the ATO without any issues, until last week.

Trying to export a new pay event from Reckon Hosted, sign in with Microsoft365 and the error below appears. I've tried several times to navigate through Azure, as the error message instructs, however neither of the options in step 3 work (first option is n/a to us and the 2nd option says I don't have access). Our own IT support people believe this is an access issue that needs to be rectified by Reckon tech support.  PLEASE HELP.

Request Id: 163f4553-605e-40e2-9ccd-a414952f2000 

Correlation Id: 3926af6f-2f40-4975-b83b-88af5ff9c7f3 

Timestamp: 2023-08-28T01:50:22Z 

 Message:  AADSTS50011: The redirect URI 'https://portal-rah.reckon.com' specified in the request does not match the redirect URIs configured for the application '36808f5e-ed69-42f5-86d4-ef8561b9f3a5'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.  

   

Comments

  • Kris_Williams
    Kris_Williams Member Posts: 3,628 Reckon Accounts Hosted Elite Expert Reckon Accounts Hosted Expert

    I would try again in a day or two, export the file again and submit

  • SuzieM
    SuzieM Member Posts: 3 Novice Member Novice Member

    Thanks Kris but I have been trying every day for over a week now.

  • Rav
    Rav Administrator, Reckon Staff Posts: 16,418 Reckon Community Manager Community Manager

    Hi @SuzieM

    Can I just clarify, are you export your STP file in Hosted are you then using the internal browser that opens with Hosted itself to login to GovConnect using the Office365 button?

    If you open a separate tab on your browser and head over to https://portal.reckon.com/ directly and then use the Office365 button to login there, does it work correctly for you?

  • SuzieM
    SuzieM Member Posts: 3 Novice Member Novice Member

    Hi Rav.

    I've been using the internal browser that automatically appears but I've just tried your separate tab suggestion and it's worked!

    Thank you. Really appreciate yours and Kris' prompt responses to my issue!

  • CraigF
    CraigF Member Posts: 2 Novice Member Novice Member

    One of my clients is also encountering this issue. In stepping through it with them, I noticed that the internal browser appear to be using Internet Explorer - there's a high likelihood this is the problem so can that be changed?

    We tried the workaround of using https://portal.reckon.com/ and were able to sign-in using the Office 365 sign-in, however my client advised that none of the data she would normally see was available, and it was prompting her to configure her STP connection from scratch. Can you explain this?

    Other matters that may be of relevance are:

    Their Microsoft 365 tenant is locked down to enforce MFA using the Microsoft Authenticator app, including number matching.

    This Microsoft article suggests the redirect URI is incorrect or has changed: https://learn.microsoft.com/en-us/troubleshoot/azure/active-directory/error-code-aadsts50011-redirect-uri-mismatch

  • Rav
    Rav Administrator, Reckon Staff Posts: 16,418 Reckon Community Manager Community Manager

    Hi @CraigF

    The issue isn't so much about Internet Explorer as the internal browser but more so the redirect that is happening to land at the Portal screen not working with the Office365 SSO option. The team is taking a look at this at the moment and hopefully we can get this straightened out very soon.

    In the interim, I'd recommend accessing the Portal directly from https://portal.reckon.com/ 


    ... however my client advised that none of the data she would normally see was available, and it was prompting her to configure her STP connection from scratch. Can you explain this?

    If they used the Office365 option to sign in, then the above sounds to me like they are signing in with a different Office365 account than the one their Reckon Portal account was originally registered to.

    Are you aware if your client has access to and/or uses multiple Office365 accounts? If so, I think the simple solution is to ensure the correct Office365 account is entered on the login screen after the Sign in with Office365 button is selected 👇


    Hope that helps but let me know how you get on.

    Cheers

  • CraigF
    CraigF Member Posts: 2 Novice Member Novice Member

    As a status update, my client contacted Reckon support and they assisted her to access what she needed - apparently the process was convoluted.