Hello!

I installed the new osTicket (fresh for testing, only the OAuth plug-in):
osTicket Version v1.17 (1d8b790) — Up to date
Web Server Software Apache
MySQL Version 5.7.39
PHP Version 8.0.23

And I am having an issue when I go to authentic the email address after it logs-in, the redirect is to the sign-in page of osTicket and it doesn't seem to complete the entry. I read of people removing lines in an old variation of osTicket but those lines do not exist to change, so I'm not sure what next steps are.

Thanks,

--Phil

    PSteward

    Either you don't have URL rewrite enabled for Apache or you don't have something configured properly.

    Cheers.

      When I purposely mess up the client_id (so that it produces this error) the redirect back is good:

      It's only if the authentication is correct it redirects to the sign-in screen.....

        PSteward

        Then it sounds like the former part of my previous post:

        ... you don't have URL rewrite enabled for Apache ...

        Cheers.

          As it's not my server (CPANEL), how can I verify if it's enabled (or enable it)?

            Hey Kevin,

            No, just confirmed that mod_rewrite is enabled and works but the issue with osTicket remains.

              PSteward

              Did you make sure your Redirect URL was indeed correct? Also, please look at the requests when redirecting back to see if it's truly going to the api/oauth2 url. You should see something like 403 or 500 or something which would indicate your URL rewriting isn't properly configured or maybe your host is doing something weird when it's redirecting back.

              Cheers.

                I changed http.php last line to:
                print Osticket::get_path_info();
                And it stopped the redirect. In the URL I see on browser now there is microsoft error:

                +is+not+configured+as+a+multi-tenant+application.+Usage+of+the+%2fcommon+endpoint+is+not+supported+for+such+applications+created+after+%2710%2f15%2f2018%27

                So I guess there is an issue with the configuration (on the Microsoft side) and it breaks the redirect and doesn't present the error.

                  PSteward

                  I got that error when I forgot to add the tennat id to the authrisation and token end point. The default ones are for multi tenant and I had it set as single.

                      B0ydie
                      Yeah, it appears I need to do this for Multi-tenant too:
                      Starting November 9th, 2020 end users will no longer be able to grant consent to newly registered multitenant apps without verified publishers. <-- MPN ID
                      Is there a quick way around, or this is the only way?

                          PSteward

                          Please follow the documentation steps as listed. You would see that you need to go to App registrations, click the app, go to the Overview tab, and click Endpoints for the actual endpoints to use (v2 Authorization/Token endpoints).

                          Cheers.

                            And I am having an issue when I go to authentic the email address after it logs-in, the redirect is to the sign-in page of osTicket and it doesn't seem to complete the entry.

                            Hi,
                            I have the same issue but on Windows Server 2019 and IIS. URL Rewrite is installed and enabled.

                            I tested it with Single Tenant Endpoints and Multitenant Endpoints (with the correct URLs).

                              Write a Reply...