Hi all. I'm an osTicket noob, but reasonably experienced with self-hosting FOSS apps in LAMP stack, etc.
I set this up yesterday following this guide:
https://docs.osticket.com/en/latest/OAuth2/Google%20Authentication%20(SSO)%20Guide.html
I created one agent, but had left the oAuth2 client instance at "End Users Only" and the agent authentication dropdown as "any available backend".
It worked for signing in as end-user, I picked the account with the usual Google screen, all good.
Then, next day, wanting to complete the setup, tried testing now with agents and end-users, making the necessary changes.
Nothing works now. Whether I am signing in as an agent or end-user, I am in a doom-loop of constanting returning to the Google "choose an account" screen.
I set the logs to DEBUG level, but no joy.
Checked system and Apache logs, same.
Does anyone have a clue?
FWIW, I do have the app behind CLoudflare Zero Trust (app is hosted on a private IP with no inbound access, and I use their tunnel and "Public hostname" feature so the app isn't exposed to entire Internet but end-users can access from anywhere after authenticating with our Cloudflare account. Works fine with another popular FOSS app and for webmin also.
That said, I am going to disable this and firewall the machine except for my IP to see if I get the same issue without Cloudflare.
TIA for any pointers, etc.
