any working instructions for setting up OAuth2 Microsoft ? (running v1.17-rc3)

    5 days later

    OSticket details:

    Need help As Office365 team announces that IMAP+SSL, setting ended this OCT 22. Also found that GMAIl too, ended the 3rd party around May 22. Pls share, if new guide for email setting for OSticket using Office365.

    9 days later


    Is there a way to get things working with self signed certs for an intranet? This is a curl error I believe, I've tried to add the cert to the php.ini file, but I don't think that is the right location then.

      leonlongoria

      You can go to the link in the error and it should explain how to address the issue. cURL issues are typically easy to fix thankfully.

      Cheers.

        Hello... I followed all the instructions, and allow in the authorization window the account and permissions do not error for the Microsoft side. But in OST appears an "invalid client" error. I double checked the info, and even put a wrong client id for testing (and Microsoft windows show error " Application with identifier 'xxxxx-xxx-xxx-xxxx' was not found in the directory" so I'm sure the "client Identifier" is well...

        osTicket (v1.17-rc4) on centos 8

          lupo_gris

          Please post a screenshot of the OAuth2 information you are using. Please make sure to censor things like the client secret, client id, tenant id, etc.

          Cheers.

              lupo_gris

              I guess you didn't read the post I linked above with full instructions. Your Resource Details Endpoint is incorrect. You should be using the v2.0 outlook api url https://outlook.office.com/api/v2.0/me. Please make sure you download and install the latest build of the OAuth2 plugin from our website.

              Also, your scopes are wrong. You need to use the outlook scopes of offline_access https://outlook.office.com/Mail.ReadWrite.

              Cheers.

                  BrunoLopes Did you manage to solve it? I tried with incognito, but I still get that Email Mismatch.
                  To get that error, I log into a shared mailbox after it asks me to sign with an admin account to authorize the access to the organisation.

                    KevinTheJedi I made the changes, but still in "invalid client".. I download and reinstall the plugin with the same result

                    edit:
                    I made a fresh install, without de data of the old OST, and work... so something about the original OST is broken...

                        lupo_gris

                        Did you enable and consent to the needed scopes in your Azure App? Please go back to my linked guide and follow all the steps.

                        Cheers.

                            lupo_gris
                            These settings have worked for me

                            email Address Attribute part, you have different, based on your AD settings

                            Client Id: *
                            IdP Client / Application Identifier

                            Client Secret:
                            IdP Client Secret

                            Scopes: *
                            Comma or Space separated scopes depending on IdP requirements
                            offline_access https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send

                            Authorization Endpoint: *
                            Authorization URL
                            https://login.microsoftonline.com/common/oauth2/v2.0/authorize

                            Token Endpoint: *
                            Access Token URL
                            https://login.microsoftonline.com/common/oauth2/v2.0/token

                            Resource Details Endpoint: *
                            User Details URL
                            https://outlook.office.com/api/v2.0/me

                            Email Address Attribute: *
                            Please consult your provider docs for the correct attribute to use
                            emailAddress

                            Callback Endpoint: *
                            Redirect Uri
                            https://YourSupportTicketAddress.com/api/auth/oauth2

                              Our token expired and app won't fetch emails. So, app should have extra permissions in Azure App? Anyway, on SMTP configuration token is valid.

                              Update: After go to setting token and click on confirm, token refresh and valid but still main won't fetch emails form Inbox.

                                I tried with plugin version 0.3 and the redirect url does not work. it just redirects to the homepage when authenticating.
                                Version 0.5 does not open configuration, just a blank popup.
                                Any here with a working version?

                                  sander4000
                                  Check the network traffic with the developer tools (usually "F12"). Sometimes it shows you the error as soon as you got redirected.

                                    KevinTheJedi yes, all configuration are correct... in a fresh ost (without data) works perfectly... I made a pre version upgrade (1.14 - 1.16) and from 1.16 to 1.17 and the OST with data works.. thanks a lot for the help

                                      Is the scope of what is being worked on just generating the token? Is fetching and sending mail also implemented?