When following this guide to set up Oauth2 https://docs.osticket.com/en/latest/OAuth2/Microsoft%20Authorization%20Guide.html

At the very end when I log into the email instead of being able to accept consent I have to justify requesting this app, and then instead of redirecting back to the email page and showing the token tab, I get redirected back to the front page of osTicket and no tokens are attached to the email, even after the admin accepts the request.

Any idea what may be going wrong?

  • KevinTheJedi replied to this.

  • mgrimard

    You will need to allow users to consent themselves or have the global admin give global consent to the Registered Application. Once that's done then you should be able to login as the email and click Accept.

    Cheers.

      mgrimard

      You will need to allow users to consent themselves or have the global admin give global consent to the Registered Application. Once that's done then you should be able to login as the email and click Accept.

      Cheers.

          KevinTheJedi

          Thanks Kevin, we Granted admin consent of the osTicket OAuth2 tenant but we're still getting the request to confirm when signing into the email - any chance you could outline the steps we should take? Or have a link to somewhere that does?

              mgrimard

              I literally just had a case where this happened and I added https://outlook.office.com/Imap.AccessAsUser.All to the Scopes (to invalidate the current config) and when it redirected me it allowed me to consent as the email itself. I don't know if waiting 15 minutes did it or if the change I just mentioned did it.

              Also, you can also grant tenant-wide consent to the app following these instructions.

              Cheers.

                  Thanks Kevin, I think you were right - it took time to propegate throughout the system. We just tested it again and it worked this time.

                  KevinTheJedi

                  Hi Kevin, I am having the same issue as OP. Could you please show me how to add 'https://outlook.office.com/Imap.AccessAsUser.All' to the Scopes?
                  I was wondering if it was simple as copy that link then paste it in the address bar (after it redirected me to the homepage) then press enter or something like this link https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-configure-app-expose-web-apis

                  Thank you.

                      toann

                      Click Config next to Authentication in the Remote Mailbox tab of the email. Then paste the scope in the Scopes field after Mail.ReadWrite.

                      Cheers.

                        Thanks a lot Kevin. Added to Scope of osticket. But issue persists. Let me try a fresh install.

                        @KevinTheJedi Hi Kevin, just a small update, I went to the database yesterday and found a couple duplicated entries for the auth. Deleted both entries. Went to osticket then submit the form for oauth again, but the issue persists. I wasn't to sure how to fix that database stuff. I think what I did wrong at the beginning that might cause the issue that I didn't update the plugins when upgrade to 1.17.2.
                        Anyways, I just set up a new one and able to authenticate with oauth2 with no issue. Everything works now with the new set up and we are happy.

                        Big thanks to you and your team for this awesome osticket.

                        Cheers.

                        Write a Reply...