KevinTheJedi

Well that definately did something. Now getting the following message:

array ( 'code' => 'InvalidAudience', 'message' => 'The audience claim value is invalid \'aud\'.', 'innerError' => array ( 'oAuthEventOperationId' => 'd5f3e02e-68f0-46b2-af33-6b6ec98807ce', 'oAuthEventcV' => '9u7DvOydWvDsiE6wCe89Zg.1.1', 'errorUrl' => 'https://aka.ms/autherrors#error-InvalidResource', 'requestId' => 'bcc3eef6-9dec-f05a-ec88-4eb009ef3d66', 'date' => '2022-08-03T21:23:06', ), )

14 days later

rblake you can see other details at https://forum.osticket.com/d/101392-oauth2-microsoft-setup/34

I started fresh and followed all the steps, but still not working @KevinTheJedi do you think something changed on RC3 vs. RC2? Yesterday, I got it to successful get Token, but not able to enable Fech IMAP or SMTP
It lets me log in to Azure to verify my user/password, then I get an error:

.com/api/auth/oauth2?code=0.AXgA2fAVo4Vd60CnyrQF14356.... etc.
Not Found
The requested URL was not found on this server.

If using the hybrid flow (e.g ASP.NET Core, ASP.NET web apps), enable ID tokens in the implicit grant flow.

I gave access to: ID tokens (used for implicit and hybrid flows)

Implicit grant and hybrid flows
Request a token directly from the authorization endpoint. If the application has a single-page architecture (SPA) and doesn't use the authorization code flow, or if it invokes a web API via JavaScript, select both access tokens and ID tokens. For ASP.NET Core web apps and other web apps that use hybrid authentication, select only ID tokens. Learn more about tokens.

Select the tokens you would like to be issued by the authorization endpoint:
Access tokens (used for implicit flows)
ID tokens (used for implicit and hybrid flows)

If hit back, I get error:
AADSTS900561: The endpoint only accepts POST requests. Received a GET request.

Request Id: a91c0c8e-a915-4dfa-a1b6-10b2b4591200
Correlation Id: 1bbf5fd1-3cac-45f7-becf-752d20277320
Timestamp: 2022-08-17T13:13:16Z
Message: AADSTS900561: The endpoint only accepts POST requests. Received a GET request.

Any pointer would be great
There is a YouTube Video on How to connect to Office 365 with IMAP, Oauth2, and Client Credential Grant Flow, which requires doing some PowerShell commands
https://youtu.be/bMYA-146dmM

    ramrajone

    Not Found
    The requested URL was not found on this server.

    This is due to you not having URL Rewriting enabled for the webserver you are using. Please review your webserver's documentation on how to enable URL Rewriting. Once you get that working you should be fine.

    I started fresh and followed all the steps, but still not working KevinTheJedi do you think something changed on RC3 vs. RC2?

    I don't get what you're asking here. Of course there were changes between RC2 and RC3 as we wouldn't release a new RC with no changes. Can you please clarify or provide more details on what you are asking?

    Cheers.

      KevinTheJedi
      Rewrite is enabled, I have installed 1.16 and able to get it working fine with basic authentication

      What I mean about changes RC3 vs RC2 is that some people got it working, which posted here might be using RC2 version

      I will try again later

        ramrajone

        Rewrite is enabled, I have installed 1.16 and able to get it working fine with basic authentication

        This has nothing to do with URL Rewriting. Basic Auth does not use anything that requires URL Rewriting.

        What I mean about changes RC3 vs RC2 is that some people got it working, which posted here might be using RC2 version

        Nothing that should affect that has changed. We only made things editable and provided better defaults.

        Cheers.

          KevinTheJedi
          oops I forgot to change from AllowOverride none to AllowOverride all
          Thanks

          <Directory /var/www/>
          Options Indexes FollowSymLinks
          AllowOverride all
          Require all granted
          </Directory>

          Now I am back to where I was yesterday:
          Unable to update this email. Correct any errors below and try again.
          AUTHENTICATE failed.

          when I try to enable Email Fetching or SMTP
          URL shows: /scp/emails.php?id=1#mailbox

            ramrajone I'm also getting the AUTHENTICATE failed too. It gave me the false hope before because it showed as successful but later when I received an e-mail, it failed and wouldn't download the message.

            5 days later

            Hi Guys,
            found the issue for the email mismatch
            Cookies from the browser. 😅

              4 days later

              any working instructions for setting up OAuth2 Microsoft ? (running v1.17-rc3)

                5 days later

                OSticket details:

                Need help As Office365 team announces that IMAP+SSL, setting ended this OCT 22. Also found that GMAIl too, ended the 3rd party around May 22. Pls share, if new guide for email setting for OSticket using Office365.

                9 days later


                Is there a way to get things working with self signed certs for an intranet? This is a curl error I believe, I've tried to add the cert to the php.ini file, but I don't think that is the right location then.

                  leonlongoria

                  You can go to the link in the error and it should explain how to address the issue. cURL issues are typically easy to fix thankfully.

                  Cheers.

                  Hello... I followed all the instructions, and allow in the authorization window the account and permissions do not error for the Microsoft side. But in OST appears an "invalid client" error. I double checked the info, and even put a wrong client id for testing (and Microsoft windows show error " Application with identifier 'xxxxx-xxx-xxx-xxxx' was not found in the directory" so I'm sure the "client Identifier" is well...

                  osTicket (v1.17-rc4) on centos 8

                    lupo_gris

                    Please post a screenshot of the OAuth2 information you are using. Please make sure to censor things like the client secret, client id, tenant id, etc.

                    Cheers.