KevinTheJedi
bbour53
Hi,
I can confirm that setting prompt=login
was the only way to make the plugin work with our Azure environment, even with discretionary user consent enabled.
Currently, it seems osTicket is unable to get an oAuth2 token from Azure as long as prompt=consent
is used, as in Microsoft's implementation, this option is meant to require explicit/interactive admin approval for any new token issuance (see this link's last point). So unless I'm missing something, the current version of the plugin is unusable with Azure.
Setting prompt=login
does fix this issue, while still enforcing user login to avoid using the wrong account. is it possible to push this change upstream in the plugin repository to avoid dealing with manual mods on future updates ?