We now have a confirmed setup working with Microsoft. Please review my post below:
Cheers.
OAuth2 - Microsoft setup
KevinTheJedi
Great job Kevin, I have tested config works now
I had changed only one thing
Default: mail to emailAddress
Email Address Attribute: *
Please consult your provider docs for the correct attribute to use
emailAddress
I am able to enable SMTP, create tickets via Portal,
only thing not working is mail Fetching, which I will fix later on
Thank you very much for your help
Yea rblake and I had to use EmailAddress so it seems specific to each tenant. Good thing we have the note to consult the provider's docs to see which attribute to use! 
Cheers.
KevinTheJedi
Fully tested, all well ready for Auth2.0
I will just wait for your official public release to set on the live system
Thank you
- Edited
Can anyone confirm that email fetching on Microsoft is working? I'm able to configure oauth2 and get a token but every time I attempt to enable Email Fetching I get an the red "AUTHENICATE failed." banner.
Edit: I followed https://forum.osticket.com/d/96893-basic-authentication-retirement-for-legacy-protocols-in-exchange-online/138 the only change that isn't working for me is that Email Address Attribute only works with the default mail, EmailAddress and emailAddress result in a failed authentication message on oauth2
Yes, I have MS OAuth2 fetching working with no issues. If you follow my post I linked above you'll see the exact steps to get this working.
Cheers.
a month later
I got this error while configuring OAuth2 Authorization.
What did I miss?
AADSTS50194: Application '356dfba1-5f9e-4954-a872-61e78582bffc'(XX-XXXXXXXXXXXXEmail-PRD) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.
As the error states, you need to configure your application to be multi-tenant. After you create a new multi-tenant app you need to go to App registrations > click the app > click Overview > and click Endpoints to see what endpoints you need to use (v2 Authorization/Token endpoints).
You should follow the step-by-step documentation:
Cheers.
According to this, https://learn.microsoft.com/en-us/azure/active-directory/develop/single-and-multi-tenant-apps
since I am an educational user of osTicket and using Azure AD, I need a multi-tenant account type due to the usage of osTicket.
IT Admin handles the account type selection by policy. They selected "Single tenant". Looks like a reconfig is in order.
Thank you.
The documentation just shows an example. It's up to the person configuring the app to select the appropriate options for their org/tenant.
Cheers.
15 days later
@KevinTheJedi
on my live server, I am getting Loading ... when I tried to save
any idea what's missing?
Check this post and see if it applies.
https://forum.osticket.com/d/101637-imap-fetching-microsoft-oauth2
KevinTheJedi
I think I needed to install
apt install php8.1-curl
Now I get this, which I am waiting on Microsoft why is it, I had the same issue with my test server
Then you are using a personal email that MS has stated they will not allow modern authentication for unless you add a custom domain and new tenant. You can reach out to MS to get a more detailed response on this.
Cheers.
KevinTheJedi
No, I am not using personal email, using Exchange Online license, this is something on the Microsoft side
- Edited
KevinTheJedi
MS Azure support thinks it's Mailbox related error, so I have an MS365 ticket open now let's see if there is a fix
just note: is PHP8.1 supported on this version v1.17?
I am still seeing a spinning circle when trying to save Auth2, does this means the PHP version is not supported?:
PHP Fatal error: Uncaught Error: Call to a member function setConfigClass() on null in phar:///var/www/osticket/public_html/include/plugins/auth-oauth2.phar/oauth2.php:592\nStack trace:\n#0 /var/www/osticket/public_html/include/class.email.php(675): GenericEmailOauth2Provider->getPluginInstance()\n#1 /var/www/osticket/public_html/include/ajax.email.php(26): EmailAccount->saveAuth()\n#2 /var/www/osticket/public_html/include/class.dispatcher.php(151): EmailAjaxAPI->configureAuth()\n#3 /var/www/osticket/public_html/include/class.dispatcher.php(38): UrlMatcher->dispatch()\n#4 /var/www/osticket/public_html/include/class.dispatcher.php(120): Dispatcher->resolve()\n#5 /var/www/osticket/public_html/include/class.dispatcher.php(38): UrlMatcher->dispatch()\n#6 /var/www/osticket/public_html/scp/ajax.php(326): Dispatcher->resolve()\n#7 {main}\n thrown in phar:///var/www/osticket/public_html/include/plugins/auth-oauth2.phar/oauth2.php on line 592, referer: https://Mydomain.com/scp/emails.php?id=1
Yes PHP 8.1 is supported. That error means you need to delete the email and re-add it.
Also, when you get a fix from MS please let me know as a few others have run into this as well.
Cheers.
KevinTheJedi
MS365 saying it's an application issue
I have the case open, with Azure and MS365
As per the PHP error, I deleted the email and re-added and still gives the same error
=============================================
PHP8.1
PHP Fatal error: Uncaught Error: Call to a member function setConfigClass() on null in phar:///var/www/osticket/public_html/include/plugins/auth-oauth2.phar/oauth2.php:592\nStack trace:\n#0 /var/www/osticket/public_html/include/class.email.php(675): GenericEmailOauth2Provider->getPluginInstance()\n#1 /var/www/osticket/public_html/include/ajax.email.php(26): EmailAccount->saveAuth()\n#2 /var/www/osticket/public_html/include/class.dispatcher.php(151): EmailAjaxAPI->configureAuth()\n#3 /var/www/osticket/public_html/include/class.dispatcher.php(38): UrlMatcher->dispatch()\n#4 /var/www/osticket/public_html/include/class.dispatcher.php(120): Dispatcher->resolve()\n#5 /var/www/osticket/public_html/include/class.dispatcher.php(38): UrlMatcher->dispatch()\n#6 /var/www/osticket/public_html/scp/ajax.php(326): Dispatcher->resolve()\n#7 {main}\n thrown in phar:///var/www/osticket/public_html/include/plugins/auth-oauth2.phar/oauth2.php on line 592, referer: https://Mydomain.com/scp/emails.php?id=1
=============================================
PHP8.0 downgraded
[Tue Oct 18 15:36:46.738362 2022] [php:error] [pid 19162] [client 50.206.10.142:17772] PHP Fatal error: Uncaught Error: Call to a member function setConfigClass() on null in phar:///var/www/osticket/public_html/include/plugins/auth-oauth2.phar/oauth2.php:592\nStack trace:\n#0 /var/www/osticket/public_html/include/class.email.php(675): GenericEmailOauth2Provider->getPluginInstance()\n#1 /var/www/osticket/public_html/include/ajax.email.php(26): EmailAccount->saveAuth()\n#2 /var/www/osticket/public_html/include/class.dispatcher.php(151): EmailAjaxAPI->configureAuth()\n#3 /var/www/osticket/public_html/include/class.dispatcher.php(38): UrlMatcher->dispatch()\n#4 /var/www/osticket/public_html/include/class.dispatcher.php(120): Dispatcher->resolve()\n#5 /var/www/osticket/public_html/include/class.dispatcher.php(38): UrlMatcher->dispatch()\n#6 /var/www/osticket/public_html/scp/ajax.php(326): Dispatcher->resolve()\n#7 {main}\n thrown in phar:///var/www/osticket/public_html/include/plugins/auth-oauth2.phar/oauth2.php on line 592, referer: https://Mydomain.com/scp/emails.php?id=1
I deleted the email and re-added still getting the same errors:
[Tue Oct 18 15:36:46.738362 2022] [php:error] [pid 19162] [client 50.206.10.142:17772] PHP Fatal error: Uncaught Error: Call to a member function setConfigClass() on null in phar:///var/www/osticket/public_html/include/plugins/auth-oauth2.phar/oauth2.php:592\nStack trace:\n#0 /var/www/osticket/public_html/include/class.email.php(675): GenericEmailOauth2Provider->getPluginInstance()\n#1 /var/www/osticket/public_html/include/ajax.email.php(26): EmailAccount->saveAuth()\n#2 /var/www/osticket/public_html/include/class.dispatcher.php(151): EmailAjaxAPI->configureAuth()\n#3 /var/www/osticket/public_html/include/class.dispatcher.php(38): UrlMatcher->dispatch()\n#4 /var/www/osticket/public_html/include/class.dispatcher.php(120): Dispatcher->resolve()\n#5 /var/www/osticket/public_html/include/class.dispatcher.php(38): UrlMatcher->dispatch()\n#6 /var/www/osticket/public_html/scp/ajax.php(326): Dispatcher->resolve()\n#7 {main}\n thrown in phar:///var/www/osticket/public_html/include/plugins/auth-oauth2.phar/oauth2.php on line 592, referer: https://Mydomain.com/scp/emails.php?id=1
[Tue Oct 18 15:42:40.676277 2022] [php:error] [pid 19158] [client 50.206.10.142:10178] PHP Fatal error: Uncaught Error: Call to undefined function ldap_connect() in phar:///var/www/osticket/public_html/include/plugins/auth-ldap.phar/include/Net/LDAP2.php:433\nStack trace:\n#0 phar:///var/www/osticket/public_html/include/plugins/auth-ldap.phar/include/Net/LDAP2.php(339): Net_LDAP2->performConnect()\n#1 phar:///var/www/osticket/public_html/include/plugins/auth-ldap.phar/authentication.php(158): Net_LDAP2->bind()\n#2 phar:///var/www/osticket/public_html/include/plugins/auth-ldap.phar/authentication.php(191): LDAPAuthentication->getConnection()\n#3 phar:///var/www/osticket/public_html/include/plugins/auth-ldap.phar/authentication.php(430): LDAPAuthentication->authenticate()\n#4 /var/www/osticket/public_html/include/class.auth.php(341): StaffLDAPAuthentication->authenticate()\n#5 /var/www/osticket/public_html/scp/login.php(71): AuthenticationBackend::process()\n#6 {main}\n thrown in phar:///var/www/osticket/public_html/include/plugins/auth-ldap.phar/include/Net/LDAP2.php on line 433, referer: https://Mydomain.com/scp/login.php
[Tue Oct 18 15:42:40.678325 2022] [php:error] [pid 19158] [client 50.206.10.142:10178] PHP Fatal error: Uncaught Error: Call to undefined function ldap_close() in phar:///var/www/osticket/public_html/include/plugins/auth-ldap.phar/include/Net/LDAP2.php:701\nStack trace:\n#0 /var/www/osticket/public_html/include/pear/PEAR.php(755): Net_LDAP2->_Net_LDAP2()\n#1 [internal function]: _PEAR_call_destructors()\n#2 {main}\n thrown in phar:///var/www/osticket/public_html/include/plugins/auth-ldap.phar/include/Net/LDAP2.php on line 701, referer: https://Mydomain.com/scp/login.php