Fin3

- Feb 3, 2023
- Joined Jul 25, 2022
- 0 best answers
- Edited
@jerer @KevinTheJedi
Just for info, I've handled my issues, now i'm correctly fetching emails in oauth2 with the modification proposed by jerer at attr_email and attr_username in conjunction wuth the latest commit of protich
I was having two misconfigurations:- Typo in an url rewriter of IIS
- Error in app registration configuration, where "Allow public client flows" must be setted to "No"
Hope this help someone!
Cheers
jerer
Very thank you for your input.
I've imported and compiled your modification to the attr_username and attr_email inside the last commit of Mr. Protich but the result it's always "invalid_client". I've also setted my application to allow users from all tenants (previously was only mine, but auth was working too) but without luck (same error).
Now i'm preparing a machine to debug php and try to understand what's going on down there.Thank you and tc
- Edited
KevinTheJedi
Yes it's true, the msft documentation is often not up to date, even during their courses you may facing things that must be configured differently than what is written in the prodivded documentationAnyway this is what i find when i manually try to allow the scopes:
Hope this helps!
Cheers
KevinTheJedi
Thank you very much for the reply!Unfortunately things still doesn't work, neither with the scope you mentioned, nor the one from my endpoints (are a little bit different for azure env, they refer to graph:
https://graph.microsoft.com/offline_access https://graph.microsoft.com/IMAP.AccessAsUser.All https://graph.microsoft.com/POP.AccessAsUser.All https://graph.microsoft.com/SMTP.Send
)I will check with the new plugin when ready and let you know, in the meantime if there's something I can do for you, do not hesitate to contact me.
Cheers
- Edited
KevinTheJedi
I've tried what suggested, using right endpoints with my tenant_id, all go well 'till the modern authentication, that ask for user, password and scope accept, but unfortunately the response from auth is invalid_client.
As already suggested, there is maybe a problem on how the scope is handled during authentication process, even with
"https://graph.microsoft.com/.default" setted up the scope passed is "offline_access https://outlook.office.com/IMAP.AccessAsUser.All" as per screenshot below
@edgarnadal
As KevinTheJedi suggested, you will find the right urls with your tenentid inside your azure registration portal, in the "Endpoints" link, as seen in the image below