A Uri is not a Url. A URI is not a URL

I spent a good portion of the last year around REST and Urls. https://MyServer/Epicor/Customer and so on. https://MyServer or https://MYSERVER or https://myserver who cares. The DNS handling of the internet translates over to a number IPv4 or IPv6 and life is good.

Lately I spent a lot of time with Uris though. Identifiers. Not real addresses to browse. Oh they can be real. And in many use cases they were. And slap a little culture ignore case on them when comparing and all is good still.

Now here comes Azure Active Directory. Lots of Uris. Lots of magic token handling for you. But I deal with a LOT of legacy customers where OAuth and all the beauty of the modern web authentication approaches are not automatic. All those libraries that assume you have the most modern hosts and do magic for you are not available when a customer is still playing in a ws-* world. So a lot of manually managing Audiences and ResourceIds and the like. All LOOK like Urls.

But alas you end up banging your head against the wall when you get

IDX10214: Audience validation failed.
Audiences: ‘https://coderpages.com/EpicorErp-Server’.
Did not match:  validationParameters.
ValidAudience: ‘https://coderpages.com/EpicorERP-Server’ 
Took me a half hour to backtrack to looking at the error and realize it was a Uri dummy!