CiviCRM Core, Issues, #2559
Issue created Apr 22, 2021 by spalmstrom@spalmstrom

Cannot get Auth Code in Oauth2 from Microsoft Azure Application

Overview

You cannot get an Auth Code in OAuth2 from a single-tenant Microsoft Azure Application because the access token string is:

https://login.microsoftonline.com/common/oauth2/v2.0/token

when it should be:

https://login.microsoftonline.com/<tenant ID>/oauth2/v2.0/token

Reproduction steps

  1. Click on Admin -> Oauth2 Administration
  2. Select Microsoft Exchange Online
  3. Click on Add token and enter an MS account

Current behaviour

AADSTS50194: Application '226037fb-d13a-4f81-ba32-561601248bea'(MissionAssist Mail) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.

Expected behaviour

A token should be added.

Environment information

  • Browser: Edge but probably not relevant
  • CiviCRM: 5.36.1
  • PHP: 7.4.16 but probably not relevant
  • CMS: Drupal 9.1.7 but probably not relevant.
  • Database: MySQL 8.0.24 but probably not relevant
  • Web Server: IIS but probably not relevant.

Comments

It would be good if the setup could prompt for the tenant ID.
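
The tenant-specific endpoint construction the report asks for, as an added example that is not CiviCRM's code or part of the original issue. The function name `ms_oauth2_endpoints`, its `$singleTenant` option and the sample tenant ID are hypothetical; the treatment of all three shared aliases as unusable for single-tenant apps is an assumption. The tenant value is validated before it is placed in the URL path so that a prompted-for value cannot redirect the token request elsewhere.

```php
<?php
// Added example, not CiviCRM code. Names below are hypothetical.

const MS_LOGIN_HOST = 'https://login.microsoftonline.com';
// Shared (multi-tenant) aliases accepted by the Microsoft identity platform.
const MS_SHARED_TENANTS = ['common', 'organizations', 'consumers'];

/**
 * Build the v2.0 authorize and token endpoints for a tenant.
 *
 * @param string $tenant       Tenant GUID, domain name, or a shared alias.
 * @param bool   $singleTenant TRUE if the app registration is single-tenant.
 * @return array{authorize: string, token: string}
 * @throws InvalidArgumentException on a malformed or unusable tenant value.
 */
function ms_oauth2_endpoints(string $tenant, bool $singleTenant = TRUE): array {
  $tenant = strtolower(trim($tenant));
  $isGuid = (bool) preg_match('/^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/D', $tenant);
  $isDomain = (bool) preg_match(
    '/^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$/D',
    $tenant
  );
  $isShared = in_array($tenant, MS_SHARED_TENANTS, TRUE);

  if (!$isGuid && !$isDomain && !$isShared) {
    // Rejects slashes, "..", "?", "#" and anything else that could alter the URL.
    throw new InvalidArgumentException('Tenant must be a GUID, a domain name, or a shared alias.');
  }
  if ($singleTenant && $isShared) {
    // The /common case is what AADSTS50194 reports for a single-tenant app.
    // Assumption: the other shared aliases are refused here as well.
    throw new InvalidArgumentException("Single-tenant apps need a tenant-specific endpoint, not /$tenant.");
  }

  $base = MS_LOGIN_HOST . '/' . rawurlencode($tenant) . '/oauth2/v2.0';
  return ['authorize' => "$base/authorize", 'token' => "$base/token"];
}

// Constructed sample tenant ID (not taken from the issue).
$urls = ms_oauth2_endpoints('00000000-0000-0000-0000-000000000000');
echo $urls['token'], PHP_EOL;
```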
