done but unfortunately get the same message when saving the OAuth2 configuration.
~# nano /etc/apache2/apache2.conf
:~# service apache2 restart
Or do I also have to adjust this on the site-available location of this specific site?
Basic Authentication Retirement for legacy protocols in Exchange Online
As I mentioned earlier:
You need to go to your sites-available file for the osTicket site or the main httpd.conf and change the AllowOverride module to All.
Which means you should do this in your sites-available and if you don't have that then the main config.
Cheers.
ok clear, adjusted in the main and at site level but unfortunately I keep getting the same message back.
- Edited
Yes fetching works using IMAP. Also SMTP works with oauth. Edit: POP works too.
About the mail attribute, I have the email set also in the Contact Information form but the API doesn't still return "mail" property at all. I wonder if this is a Personal vs Exchange thing or something. Also there is no "mail" property in https://outlook.office.com/api/v2.0/$metadata
Very strange as when I dumped the attributes I get from v2.0 user endpoint I got all the correct attributes as expected mail, givenname, and surname.
Cheers.
- Edited
@jerer @KevinTheJedi
Just for info, I've handled my issues, now i'm correctly fetching emails in oauth2 with the modification proposed by jerer at attr_email and attr_username in conjunction wuth the latest commit of protich
I was having two misconfigurations:
- Typo in an url rewriter of IIS
- Error in app registration configuration, where "Allow public client flows" must be setted to "No"
Hope this help someone!
Cheers
Not contributing much to the convo, but thought I'd chime in with I'm also getting the "invalid_client" issue. Have followed all of the advice here, still hitting it. Will try unpacking that .phar and trying those edits @jerer has mentioned tomorrow. It's been a long day with other "sinking ship" items 
Context: Running this in a fairly large enterprise Azure tenant w/ hybrid mail. If anyone needs me to test things on the Azure end, let me know.
- Edited
I am also getting "invalid_client" with the plugin. Im pulling my hair out on this one!! haha
Here is my OAuth2 app settings:
Here is my endpoint from Azure:
Here is my Client ID:
Here is my Secret ID:
My Redirect:
My Permissions:
Hi, Also getting "invalid_client" when saving Auth2 Config, but when I enable email fetching Error changes to "Configure Authentication"
Is there a link to the v2 oauth2.phar file?
I've tried to follow the instructions on github but I'm hitting some errors
No, we will build and provide the new plugin once RC2 is released. You are welcome to get the source code for the plugin and hydrate and build it yourself.
Cheers.
@KevinTheJedi Is Outlook v2.0 API being deprecated (and decommissioned soon) going to be addressed in RC2/stable?
- I think the API usage could be made optional since it shouldn't be really needed when used for IMAP/POP/SMTP.
- The alternative is to use Graph API, but this requires getting another access token because Microsoft doesn't support Graph+outlook.office.com scopes in a single access token.
For now just Modern Auth via IMAP/POP and SMTP protocols. If they restrict fetching to the graph api then people are screwed. If that’s the case then you’d need a library/sdk for every provider to use their specific API which is not feasible. They should allow IMAP/POP and SMTP protocols for OAuth2. Unless I’m misinterpreting what you are saying.
Cheers.
- Edited
What I mean is Microsoft has deprecated the https://outlook.office.com/api/v2.0 APIs, but https://outlook.office.com/IMAP...ETC scopes (not Graph) needs to be used for IMAP/SMTP/POP XOAUTH2 to work. AFAIK, Microsoft has not announced any changes coming to the IMAP/SMTP/POP scopes.
So yes Graph APIs are the replacement for https://outlook.office.com/api/v2.0, but the problem is the Graph APIs cannot be used with the same access token we use for https://outlook.office.com/IMAP/SMTP/POP scopes.
https://stackoverflow.com/a/61678485
https://stackoverflow.com/a/65289990
I hope this makes it more clear what I'm concerned about.
I see. I think we are going to cross that bridge when we get closer. For now we are making v1.17 stable and then look at the outlook api url deprecation.
Cheers.
Just a heads up. As of yesterday, Microsoft prematurely disabled basic authentication on our O365 tenant. This caused IMAP mail fetching to stop working in osTicket. Although this isn't supposed to be deprecated until October. After talking with Microsoft support, supposedly they made a mistake while testing, and they disabled basic auth on many O365 tenants across the globe. I saw a lot of complaints on this all over the internet yesterday. They were able to assist with turning basic authentication back on, but warned it may be shut off again before October.
Anyways, just wanted to give everyone a heads up, and hoping for a stable release soon!
alexbuckland
I'm trying to accomplish this with ZohoMail which is also a cheapo $1 per month mail service. I'm trying to figure out how to set this up. I have ZohoMail pulling data from Microsoft using Imap and that works fine. But I cannot figure out how to setup OsTicket to fetch mail from Zoho Mail. ZohoMail is just a client like Microsoft Outlook, so I don't know what to put for servername, port, etc.
Can you please provide some insight on how you set this up with your Fast Hosts?
Sure. I simply forwarded email from mailbox where the support requests came into. This was setup on 365 (obviously), but before I could turn on forwarding I had to enable it on my tenant, it seems to be turned off by default - you can enable a rule for an individual mailbox or all users here: https://protection.office.com/antispam
Once the email was forwarding I reconnected osticket to the new simple mailbox which allowed pop3 collection.
For sending email, I left this with 365 as SMTP auth seems to still work ok.
Any update on when we can expect 1.17 RC-2? i'm subbed to the github, but yeah.