Also, if it was an application issue then no one with O365 would be able to set this up which is not the case.
Cheers.
OAuth2 - Microsoft setup
KevinTheJedi
I deleted and re-added back the email and tried again it gives the same error
I have got it to work by adding a support email address to Global Admin or Application Administrator Roles, which is a security risk, but this worked means something missing as per application requires permissions, not sure where Azure or O365
Based on docs this permission is not enough:
User.Read, offline_access, IMAP.AccessAsUser.All, POP.AccessAsUser.All, and SMTP.Send.
- Edited
KevinTheJedi
My Solution at the moment is this: it's working fine since this morning
Adding permissions: User.Read, offline_access, IMAP.AccessAsUser.All, POP.AccessAsUser.All, and SMTP.Send.
and adding the App with the Cloud application administrator
I have enabled MFA on this account to protect an extra layer of security
This is my system info:
Oh yea as we currently have prompt=consent enabled so you must allow users to consent themselves. We are making this configurable in the next release.
Cheers.
I have setup OAuth2 but it is going for admin consent every time so not working to fetching the emails. Our Corporate IT manages the Azure so they followed the instructions on azure site as per OSTicket guide but it is creating this issue. Can i setup a call with OSTicket rep and our Corporate IT to fix it? It does not seem work this way since we are on different regions and I manage the OSTicket here locally and our Corporate IT has management of exchange and Azure. Please let me know how we can proceed?
You must allow users to consent themselves. You must also login as the email in order to authorize.
Cheers.
I am configuring IMAP to fetching emails from a mailbox for email to ticket feature. and there OAuth2 is going for admin consent every time. Which should not be
Again, users must be allowed to consent themselves. If they cannot then you will not get this working.
Cheers.
I am not getting it. Please assist on how we can now fetch emails to ticket from a mailbox using IMAP?
I am not enabling it for users, users use to send emails to an email address through which we setup that mailbox to fetch emails to create tickets.
- Edited
@abeermuh : Did you follow the documentation?
https://docs.osticket.com/en/latest/OAuth2/Microsoft%20Authorization%20Guide.html
I followed it on O365 and it's working well. Let us know at which step you're stuck from documentation and we can continue from there.
KevinTheJedi
I wrote a post to help users out there who might have issues with the OAuth2 setup
I will update as needed
https://howtohelpdesk.com/how-to-setup-oauth-on-osticket-using-microsoft-365/
This post covers everything from Creating App registration to, adding plugins, configuring, and Fetching emails automatically
Create an app registration
To be able to allow user consent
Install OAuth plugin
To configure OAuth on osTicket
To schedule to Fetch emails in the background
Issues and Solutions
- Edited
- Edited
KevinTheJedi
Yes, the MS365 side, the API permission side, and also for my own reference of any custom changes
3 months later
Dear Team,
Need your urgent support. I have installed OS Ticket 1.17v and installed “Oauth2” plugin. Snap attached FYR.
Created app in Azure Active Directory and given all required permission as well. Snap attached FYR.
Still getting error as below.
Please advice me to resolve the issue. Thanks in advance.
KevinTheJedi
I deleted mail id and configured again but now when I clicked "Accept" button. Now getting below pasted snap error. Please suggest on this.
URL Rewriting is not enabled on your webserver. Please research guides online on how to enable this for your webserver.
Cheers.
Also from that last image showing your config there is a problem with
Authorization Endpoint and Token Endpoint
The word common should be the Tenant Id.