KevinTheJedi How do I find the rules? This is what I show in our Plugin setup for OAuth2 - under the Config tab: 
Also - my comment from earlier about responding so quickly was meant as a compliment. I know you are not obligated to answer me in a timely manner or even at all. So I am super appreciative of the timely and thorough responses from you and all the community members!
I don’t know how that happened, that last part was meant for another thread entirely. My apologies. I edited my previous reply to remove that part. Someone else was being rude, not you lol
The rules are registered in the plugin code itself. You can see it here:
So it’s looking for "/api/auth/oauth2".
Cheers.
KevinTheJedi Well and that is what I have in the URL. So - as you said, it seems like something deeper is going on {sigh}.
Make sure the files aren’t corrupted somehow, make sure your webserver is not blocking the URL or mangling it, check your server logs to see if anything is being logged, etc. I would also make sure your registered app in azure has the correct url configured.
You can also try downloading the raw plugin files from GitHub, uploading the raw auth-oauth2 folder to your plugin folder, moving the phar plugin outside the plugin directory, going to your database.ost_plugin table, set isphar to 0 for that plugin, and retest.
Cheers.
OK - I'm revisiting this now that PHP is configured and working correctly. I tried the settings again and it still returns with "URL not supported." I'll keep digging but let me know if you have any insight.
Honestly I had a really hard time trying to get IIS working with PHP 8+ and gave up.
After over 10 years of running osTicket under IIS, I switched to Apache.
I figure that is not the answer that you want to hear, but you might want to consider the option.
ntozier Yeah - not a great answer. There has to be a solution.
Well I can say that MS decided to kill windows builds of PHP (a month or so ago - maybe earlier) so everything with PHP is almost completely manual now in IIS. So if you aren't familiar with IIS and PHP inter-workings then you are pretty much at the mercy of guides online. Not as easy as it used to be with auto-installers, etc. With this being said people are seeing no choice but to switch to Linux as the PHP integration out of the box is simply superior now and much, much easier.
Your issue a very odd issue that I cannot replicate and I haven't seen elsewhere. Have you tried a completely different browser to see if your usual browser is caching something? Also, make sure the Callback Endpoint in the OAuth2 popup matches the Redirect URI in your App Registration.
Can you try var_dumping the URL in the Dispatcher to see what the actual URL the application is trying to match on so we can see why it's failing to match?
Cheers.
KevinTheJedi Yeah - we are caught in the middle right now...
We are not Linux gurus so thus we opted to go the Windows route for osTicket... What I'm wondering now is, maybe we try Apache on Windows instead of using IIS. We might have better results that way. We understand the underlying OS when it comes to Windows vs Linux...
And yes, we have tried multiple machines, multiple browsers...
But yes, the callback and redirect URI match. I will dig into the var_dumping of the URL... but we don't know how to invoke that. Any hints?
For the record - I deleted the plugin after deleting its settings and then re-downloaded the latest plugin and tried it again. This time I just tried using the authentication mechanism to login using our Office 365 credentials. Everything works as expected until it comes to the redirect URI at the end, at which point it shows the "URL not supported" message.
It doesn't seem to matter what I put in after the api folder, it all returns URL not supported.
https://sosticket.servername.local/api/whateverIwantHere/
I'm not having much luck in figuring out how to set var_dumping with PHP.
Nothing else will be accepted except for /api/auth/oauth2 (or the typical API route for creating tickets - eg. /api/tickets.json). For the var_dumping part you can look at include/class.dispatcher.php.
Cheers.
KevinTheJedi
We made some progress on the var_dump.
We added this code to the class.dispatcher
var_dump($url, $args);
Then switch tried the AAD login:
string(16) "/api/auth/oauth2" NULL URL not supported
Not sure how helpful that is, but let me know.
We are thinking of switching over to Apache from IIS. Would that help things? Essentially going from WIMP to WAMP.
We have switched back to a LAMP server config due to the fact that most of the help on the 'net is for a LAMP server when it comes to PHP & Apache.
It appears that ever since Windows dropped PHP builds most people are moving away from Windows servers and going to Linux when dealing with PHP applications.
Cheers.
I second that opinion. As I am one of the folks who left WIMP for LAMP. 
