OAuth2 Microsoft Not Working: Page 9

OAuth2 Microsoft Not Working

KevinTheJedi

You'll have to create your own thread with detailed info, screenshots, and steps. /api/auth/oauth2 is the correct URL.

Cheers.

ricardogomez

I got the token right now.

But when i click enable and save changes for outgoing mail it says this

So when i test outgoing mail it says the test was successful but it wasnt

Where can I see my logs or how do I troubleshoot whats going on if im using centos with cpanel

KevinTheJedi

ricardogomez

You’ll need to contact your hosting provider. It’s likely they have restrictions on outgoing SMTP connections or a firewall, etc.

Cheers.

fernando_Croca

KevinTheJedi

Cheers,
I am having a problem with OAuth2 that i can´t understand...
Can you help me please?
The error is
AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption.

What am i doing wrong?

KevinTheJedi

fernando_Croca

I don’t think I’ve ever seen that error before. Make sure you are following the documentation here:

https://docs.osticket.com/en/latest/OAuth2/Microsoft%20Authorization%20Guide.html

If you continue to run into these errors you’ll have to contact your mail provider for further assistance.

Cheers.

fernando_Croca

KevinTheJedi

I have eliminated the app registration in O365, then created a new one and sucess.
SMTP continues to get an error : 535: 5.7.3 Authentication unsuccessful i will continue trying...
Thanks Kevin

rhuggins

I've been working with my org's IT dept to add oauth for our osTicket instance and got this "AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption." error today as well.

Were you ableto find a cause? We tried making a new app registration as well.

rhuggins

One thing I was curious about, in the guide it says "Here it is very important to login to the email you are trying to configure in the helpdesk. Once logged in as the system email you are trying to configure, you can opt to Consent on behalf of your organization, and then click Accept."

in our case the account login is different than the email address for this account, does the quoted documentation mean that will cause a problem?

KevinTheJedi

rhuggins

With the current iteration of the software and plugin yes it will cause an issue. We have patches coming that will allow you to use a global admin or service user to authenticate and consent but currently you must sign in using the email itself.

Cheers.

valdoltra

KevinTheJedi The system doesn't allow me to log in with system email? Where should I enable this setting? We are using a regular mailbox for receiving and sending emails. In order to configure Oauth, I need to log in to OsTicket with that same user however I am getting access denied error.

rhuggins

Thank you very much. I'll try changing the email address to match the login name.

agrservice

: '(

KevinTheJedi

agrservice

Please do a recursive search before posting. You don’t have URL rewriting enabled.

Cheers.

valdoltra

valdoltra Nevermind. I just gave myself a high five... to my forehead.... with a chair 🙂

I got O365 cached signin so it always tried to log in with my username. Once I logged in with my helpdesk account and remained signed in it worked.

I'll take my Darwin award now thank you

« Previous Page Next Page »