I have a new installation of osTicket running on Windows Server 2019 and IIS. I've gone through the steps to configure ldap, Oauth2 and remote mailbox and outgoing(SMTP). I have no issues logging in with my AD credentials. When I try to log in on the servers desktop using Sign in with Azure, it authenticates with Entra but returns me to the default landing page. When I try the same thing from a separate workstation it comes back saying localhost refused the connection. I'm at a bit of a loss here. I've followed the guides and everything looks normal and correct from my perspective but I'm obviously missing something here. If anyone can provide assistance I would greatly appreciate it.
localhost refused to connect
When login does work what URL are you using? The domain has to match always. Meaning whatever domain you initiate the login from in the browser has to match the Redirect URI in the app registration and within the plugin config.
Cheers.
The helpdesk url under settings -> system is http://ipaddress. The app registration is set to http://localhost/api/auth/oauth2
Then you need to access the site using "http://localhost" and attempt authentication from there.
Cheers.
I feel like I'm being a bit stupid but I can't access it from localhost when I'm on an external workstation.
Then you will need to setup an SSL Cert for the IP or setup a hostname with SSL Cert configured. Unfortunately, Microsoft forces you to use HTTPS when using anything other than localhost. Once you do this you will need to update the Redirect URI in the app registration and in the plugin config and retest.
Cheers.
Since this will be 100% internal (other than the email portion obviously) how can I configure all of this so both authentication and access work without using SSL and certs.
You must use localhost in that scenario. Microsoft enforces this restriction; not us.
Cheers.