We're reconfiguring osTicket now that OAuth is required for connecting to Microsoft 365. However, we seem to have lost the ability to use one account to authenticate to Send As a different account.

To detail our setup: We have one e-mail address "group@company.com" and one e-mail address "user@company.com."

user@company.com is a regular user mailbox, which osTicket uses to fetch e-mails to generate tickets. group@company.com is a distribution list / group, not an actual mailbox. user@company.com has "Send As" permissions granted in Delegate Access settings for group@company.com. So, user@company.com can be used to authenticate for sending messages as the group@company.com address.

This all worked perfectly fine with basic authentication. But now that we are using OAuth, osTicket gives this error when configuring the Outgoing (SMTP) settings:

Email Mismatch: Expecting Authorization for group@company.com not user@company.com

Is this an error on osTicket's side, if it is not designed to allow this type of set up? Or, am I missing some configuration in Microsoft 365 in the OAuth2 configuration?

(Sending and receiving as user@company.com is currently working fine.)

These are the API Permissions currently configured. Mail.Send.Shared should be the main one needed for the purpose at hand:

  • IMAP.AccessAsUser.All
  • Mail.ReadWrite
  • Mail.ReadWrite.Shared
  • Mail.Send
  • Mail.Send.Shared
  • offline_access
  • openid
  • POP.AccessAsUser.All
  • SMTP.Send
  • User.Read

Thanks for anyone's assistance! I know everyone is working through all these OAuth2 problems at the same time. 😅

  • KevinTheJedi replied to this.

  • jiit

    For now you have to login/authenticate as the email you are trying to configure in osTicket. So if it's a distribution list I don't think you'll be able to login as that email to authorize. You would need to make it an actual address with Username + Password. We do have an item on our todo list to look into shared mailbox and alias support but for now it must be legit email where you can login as that email and consent/authorize.

    Cheers.

      jiit

      For now you have to login/authenticate as the email you are trying to configure in osTicket. So if it's a distribution list I don't think you'll be able to login as that email to authorize. You would need to make it an actual address with Username + Password. We do have an item on our todo list to look into shared mailbox and alias support but for now it must be legit email where you can login as that email and consent/authorize.

      Cheers.

      • jiit replied to this.

          KevinTheJedi Ok, thanks for the clarification! We'll change our setup and await a future update.

            7 months later

            A Simple Workaround for osTicket 1.17.3

            Crate an account with realaddress email

            open file

            include/class.mail.php

            search function:

            public function getAuthRequest($user=null) {

            before return add

            if ($user == 'aliasaddress') {
            $user = 'realaddress';
            }

            now create account with aliasaddress

            test in production and works fine :-)

            Write a Reply...