I changed consent to login and rehydrated, I can confirm it works as expected in this stricter setup.
Thanks for your help, mate.
OAuth2 Microsoft Not Working
- Edited
this is the error that i am receiving
/Osticket/scp/ajax.php/email/4/auth/config/mailbox/oauth2:msmail:1 Failed to load resource: the server responded with a status of 500 ()
Request URL: https://"localserver"/osTicket/scp/ajax.php/email/4/auth/config/mailbox/oauth2:msmail
Request Method: POST
Status Code: 500
Remote Address: **********:443
Referrer Policy: strict-origin-when-cross-origin
it worked for now with fresh installation of App and Plugin .
now when configuring Remote Mailbox
cannot connect to host ; error = fsockopen(): Unable to connect to outlook.office365.com:143 (A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond) (errno = 0 )
Can confirm that this has not fixed my issue. I have been working with MS support as well, but they have not been able to see any issues with my app registration or other parts of the setup.
Thank you so much. It worked for me.
For future reference, I set up osTicket with IIS and Window Server 2019. I was struggling with this error because I wasn't too familiar with language in the php.ini file. As the solution, I removed the semicolon in the front of curl.cainfo to uncommented it.
Kind regards,
Your initial issue was that URL Rewriting is not enabled on your webserver or if it is it's not running correctly. Did you ever solve that issue?
Cheers.
Sorry, I do not mean to be obtuse. This is fairly new territory for me. I have looked at a number of other posts in these forums and I am seeing the rewrite rules that others have shown:
Testing the "HTTP api" rule, I get the following result:
So that seems to be in-line with the result of being sent to the main /portal page
I'm guessing I may need to edit the rule to point to the agent panel or admin panel, is that thought in the right direction?
Okay, so the appearance of the rules does not indicate that the web.config file is loading. Good to know, thank you.
Does this have a solution? No matter what I try, I end up with:
Sorry, but we’re having trouble signing you in.
AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption.
I’ve never seen that one before. Follow our documentation to a "T". If you still have issues after that then contact MS for further assistance.
Cheers.
KevinTheJedi Looks like I had the URLs messed - didn't know that URL and was "randomly" trying whatever I found in the forum.
However, this still doesn't work for me - after accepting Microsoft-side popup, Osticket shows: "invalid_client".
Then you didn’t configure something right in your Email Config. Please post a screenshot and censor any sensitive info.
Cheers.
- Edited
For the Client ID did you use the Application (client) id from Azure? Also, for the Client Secret did you use the Secret Value or Secret ID from Azure? You should be using the Secret Value from Azure.
Cheers.
For the Client ID did you use the Application (client) id from Azure?
Yes.
Also, for the Client Secret did you use the Secret Value or ID from Azure?
Yes. 
You should be using the Secret Value from Azure.
Both answers - yes.
No you are pointing to the Secret ID which is not correct. You need to use the Secret Value.
Cheers.
mangoo Also, had to do this to enable SMTP:
Use the Microsoft 365 admin center to enable or disable SMTP AUTH on specific mailboxes
Open the Microsoft 365 admin center and go to Users > Active users.
Select the user, and in the flyout that appears, click Mail.
In the Email apps section, click Manage email apps.
Verify the Authenticated SMTP setting: unchecked = disabled, checked = enabled.
When you're finished, click Save changes.Otherwise, was getting:
5.7.139 Authentication unsuccessful, SmtpClientAuthentication is disabled for the Tenant. Visit https://aka.ms/smtp_auth_disabled for more information. [AM5PR0502CA0017.eurprd05.prod.outlook.com]
Just following up on this after the weekend. I am no IIS guru, but I did stumble upon the "configuration search" tool in the Configuration Editor and gathered the screenshot below. This appears to show that it is using the web.config shipped with OsTicket, but my attempts to learn how to verify this have not yielded anything to this point.
