r3nato0
As long as osTicket can make the calls it needs and it gets the right responses back it should be fine. A local domain should also be fine as you said it will have HTTPS. The main requirement from Microsoft for a Redirect URI is that it uses the HTTPS scheme (see this reference).
Now, with this in mind, let's say I'm configuring OAuth2 for my system email. I login to osTicket, install and enable the plugin, add the system email, set the authentication to OAuth2, click Config to open the configuration popup, configure the OAuth2 settings for the system email, and then I submit the popup so that I'm redirected to Microsoft for authorization. When redirected to Microsoft I login as the system email (or service account depending on the type of email you are configuring) to authorize and consent to the requested permissions. Once you consent you are redirected back to the system. All that happens within the browser. Now, once you are redirected back to osTicket successfully the system has to call the external token and authorization endpoints to verify and to get the OAuth2 access/refresh tokens. Additionally, each time the token expires it needs to call the token/authorization endpoints to get new access/refresh tokens. This all happens from the server. This means your server needs to be able to make those external calls. During this process the source URL (the URL you are making these calls from) has to match the entire time (browser and server); otherwise Microsoft will deny the requests or the authorizations will fail. So be careful with the proxy-ing and ensure the URL stays consistent throughout. If you setup the proxy correctly you should have no issues.
The last thing is if you will have osTicket behind a proxy make sure you update this setting.
Cheers.
