OAuth2 Microsoft Not Working: Page 4

OAuth2 Microsoft Not Working

KevinTheJedi

ramrajone

Rewrite is enabled, I have installed 1.16 and able to get it working fine with basic authentication

This has nothing to do with URL Rewriting. Basic Auth does not use anything that requires URL Rewriting.

What I mean about changes RC3 vs RC2 is that some people got it working, which posted here might be using RC2 version

Nothing that should affect that has changed. We only made things editable and provided better defaults.

Cheers.

ramrajone

KevinTheJedi
oops I forgot to change from AllowOverride none to AllowOverride all
Thanks

<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>

Now I am back to where I was yesterday:
Unable to update this email. Correct any errors below and try again.
AUTHENTICATE failed.

when I try to enable Email Fetching or SMTP
URL shows: /scp/emails.php?id=1#mailbox

rblake

ramrajone I'm also getting the AUTHENTICATE failed too. It gave me the false hope before because it showed as successful but later when I received an e-mail, it failed and wouldn't download the message.

BrunoLopes

Hi guys,

Any ideas on this error?

BrunoLopes

Hi Guys,
found the issue for the email mismatch
Cookies from the browser. 😅

stevey

BrunoLopes Did you manage to solve it? I tried with incognito, but I still get that Email Mismatch.
To get that error, I log into a shared mailbox after it asks me to sign with an admin account to authorize the access to the organisation.

rob999

any working instructions for setting up OAuth2 Microsoft ? (running v1.17-rc3)

KevinTheJedi

rob999

Of course:

https://forum.osticket.com/d/96893-basic-authentication-retirement-for-legacy-protocols-in-exchange-online/138

Cheers.

Tinnitus

Hello is there already a plan when the RC4 comes?

KevinTheJedi

Tinnitus

Not at the moment. Hopefully next week.

Cheers.

vanesn

OSticket details:

Need help As Office365 team announces that IMAP+SSL, setting ended this OCT 22. Also found that GMAIl too, ended the 3rd party around May 22. Pls share, if new guide for email setting for OSticket using Office365.

leonlongoria

Is there a way to get things working with self signed certs for an intranet? This is a curl error I believe, I've tried to add the cert to the php.ini file, but I don't think that is the right location then.

KevinTheJedi

leonlongoria

You can go to the link in the error and it should explain how to address the issue. cURL issues are typically easy to fix thankfully.

Cheers.

leonlongoria

fyi for this issue, our organization was doing something weird with our firewall and SSL certs. After going around that everything worked. thanks

lupo_gris

Hello... I followed all the instructions, and allow in the authorization window the account and permissions do not error for the Microsoft side. But in OST appears an "invalid client" error. I double checked the info, and even put a wrong client id for testing (and Microsoft windows show error " Application with identifier 'xxxxx-xxx-xxx-xxxx' was not found in the directory" so I'm sure the "client Identifier" is well...

osTicket (v1.17-rc4) on centos 8

KevinTheJedi

lupo_gris

Please post a screenshot of the OAuth2 information you are using. Please make sure to censor things like the client secret, client id, tenant id, etc.

Cheers.

lupo_gris

KevinTheJedi Hi!
screenshot OST

screenshot Azure app

KevinTheJedi

lupo_gris

I guess you didn't read the post I linked above with full instructions. Your Resource Details Endpoint is incorrect. You should be using the v2.0 outlook api url https://outlook.office.com/api/v2.0/me. Please make sure you download and install the latest build of the OAuth2 plugin from our website.

Also, your scopes are wrong. You need to use the outlook scopes of offline_access https://outlook.office.com/Mail.ReadWrite.

Cheers.

lupo_gris

KevinTheJedi I made the changes, but still in "invalid client".. I download and reinstall the plugin with the same result

edit:
I made a fresh install, without de data of the old OST, and work... so something about the original OST is broken...

KevinTheJedi

lupo_gris

Did you enable and consent to the needed scopes in your Azure App? Please go back to my linked guide and follow all the steps.

Cheers.

ramrajone

lupo_gris
These settings have worked for me

email Address Attribute part, you have different, based on your AD settings

Client Id: *
IdP Client / Application Identifier

Client Secret:
IdP Client Secret

Scopes: *
Comma or Space separated scopes depending on IdP requirements
offline_access https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send

Authorization Endpoint: *
Authorization URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize

Token Endpoint: *
Access Token URL
https://login.microsoftonline.com/common/oauth2/v2.0/token

Resource Details Endpoint: *
User Details URL
https://outlook.office.com/api/v2.0/me

Email Address Attribute: *
Please consult your provider docs for the correct attribute to use
emailAddress

Callback Endpoint: *
Redirect Uri
https://YourSupportTicketAddress.com/api/auth/oauth2

lupo_gris

KevinTheJedi yes, all configuration are correct... in a fresh ost (without data) works perfectly... I made a pre version upgrade (1.14 - 1.16) and from 1.16 to 1.17 and the OST with data works.. thanks a lot for the help

« Previous Page Next Page »