KevinTheJedi
I have followed that guide, double checked all my settings, I will start fresh tomorrow with a new account, just to make sure I don't have anything cache or MS365 doesn't have something in the backend, that's causing an issue
OAuth2 - Microsoft setup
@KevinTheJedi
I just tested one more thing and found little strange, not sure if this has anything to do with Auth2.0, probably not
On the same server where I have installed v1.17-RC3 with the LDAP plugin, I can only log in once, the user shows up in the user list, but can't log in again
So, I installed 1.16.3, and LDAP worked fine
I have done another fresh setup and still, I cannot get it to work
I can save the config and get the token, but when I try to enable the Fetching or SMTP, that's when I get error
I gave the following permissions:
I signed up for a O365 dev account and itโs not letting me access anything so I contacted MS support again. Waiting on their response. Once I have a working account we can better debug this.
Cheers.
5 days later
We now have a confirmed setup working with Microsoft. Please review my post below:
Cheers.
KevinTheJedi
Great job Kevin, I have tested config works now
I had changed only one thing
Default: mail to emailAddress
Email Address Attribute: *
Please consult your provider docs for the correct attribute to use
emailAddress
I am able to enable SMTP, create tickets via Portal,
only thing not working is mail Fetching, which I will fix later on
Thank you very much for your help
Yea rblake and I had to use EmailAddress so it seems specific to each tenant. Good thing we have the note to consult the provider's docs to see which attribute to use! 
Cheers.
KevinTheJedi
Fully tested, all well ready for Auth2.0
I will just wait for your official public release to set on the live system
Thank you
- Edited
Can anyone confirm that email fetching on Microsoft is working? I'm able to configure oauth2 and get a token but every time I attempt to enable Email Fetching I get an the red "AUTHENICATE failed." banner.
Edit: I followed https://forum.osticket.com/d/96893-basic-authentication-retirement-for-legacy-protocols-in-exchange-online/138 the only change that isn't working for me is that Email Address Attribute only works with the default mail, EmailAddress and emailAddress result in a failed authentication message on oauth2
Yes, I have MS OAuth2 fetching working with no issues. If you follow my post I linked above you'll see the exact steps to get this working.
Cheers.
a month later
I got this error while configuring OAuth2 Authorization.
What did I miss?
AADSTS50194: Application '356dfba1-5f9e-4954-a872-61e78582bffc'(XX-XXXXXXXXXXXXEmail-PRD) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.
As the error states, you need to configure your application to be multi-tenant. After you create a new multi-tenant app you need to go to App registrations > click the app > click Overview > and click Endpoints to see what endpoints you need to use (v2 Authorization/Token endpoints).
You should follow the step-by-step documentation:
Cheers.
According to this, https://learn.microsoft.com/en-us/azure/active-directory/develop/single-and-multi-tenant-apps
since I am an educational user of osTicket and using Azure AD, I need a multi-tenant account type due to the usage of osTicket.
IT Admin handles the account type selection by policy. They selected "Single tenant". Looks like a reconfig is in order.
Thank you.
The documentation just shows an example. It's up to the person configuring the app to select the appropriate options for their org/tenant.
Cheers.
15 days later
@KevinTheJedi
on my live server, I am getting Loading ... when I tried to save
any idea what's missing?
Check this post and see if it applies.
https://forum.osticket.com/d/101637-imap-fetching-microsoft-oauth2
KevinTheJedi
I think I needed to install
apt install php8.1-curl
Now I get this, which I am waiting on Microsoft why is it, I had the same issue with my test server
Then you are using a personal email that MS has stated they will not allow modern authentication for unless you add a custom domain and new tenant. You can reach out to MS to get a more detailed response on this.
Cheers.
KevinTheJedi
No, I am not using personal email, using Exchange Online license, this is something on the Microsoft side