OAuth Redirect URL breaking change

There’s been a breaking change by Microsoft for OAuth.
Microsoft OAuth Redirect URL has new rules, coming after OAuth was added in Suite.
The Redirect URL may not contain a query string!
Also, public (domain) URLs must be secure (https). Insecure (http) is not accepted!
So in the Suite 8 OAuth documentation example Redirect URL: http://suite.mysite.tld/legacy/index.php?entryPoint=setExternalOAuthToken
…is now rejected in Microsoft Azure OAuth settings.
Same documentation for Suite 7, without the legacy part of the Redirect URL.
A fix is needed to get Microsoft OAuth working again.
Azure OAuth Redirect URL may not contain a query string

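The Redirect URL rules as the first post states them (no query string; https for public hosts), written as a pre-flight check to run before entering a URL in the Azure app registration. This is an added example, not part of the thread or SuiteCRM's own code. Treating `localhost` and loopback addresses as exempt from the https rule is an assumption drawn from the post's "public (domain)" wording, and the `/oauth/callback` path in the sample list is constructed.

```python
from ipaddress import ip_address
from urllib.parse import urlsplit


def is_loopback(host):
    """True for 'localhost' or a loopback IP literal (assumed exempt from the https rule)."""
    if host == "localhost":
        return True
    try:
        return ip_address(host).is_loopback
    except ValueError:  # an ordinary DNS name, not an IP literal
        return False


def check_redirect_url(url):
    """Return the list of rule violations for one candidate Redirect URL."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if parts.scheme not in ("http", "https") or not host:
        return ["not an absolute http(s) URL"]
    problems = []
    if parts.scheme == "http" and not is_loopback(host):
        problems.append("insecure scheme: non-loopback hosts need https")
    # Look for '?' before any fragment so an empty query ("...php?") is caught too.
    if "?" in url.split("#", 1)[0]:
        problems.append("contains a query string: " + (parts.query or "(empty)"))
    return problems


def audit(urls):
    """Map each candidate URL to its violations; an empty list means it passes."""
    return {url: check_redirect_url(url) for url in urls}


# The first two URLs are quoted in the thread; the last two are constructed.
CANDIDATES = [
    "http://suite.mysite.tld/legacy/index.php?entryPoint=setExternalOAuthToken",
    "https://suite.company.local/index.php?entryPoint=setExternalOAuthToken",
    "https://suite.mysite.tld/oauth/callback",
    "http://localhost/index.php",
]

if __name__ == "__main__":
    for url, problems in audit(CANDIDATES).items():
        print("OK    " if not problems else "REJECT", url)
        for problem in problems:
            print("        -", problem)
```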

Did you open a new PR/issue on GitHub?

Yes, the issue is open now:

I only recently (last week) configured OAuth with MS Office365, and had no problems with the redirect URL.

Interesting. Is it a localhost URL, or a publicly accessible domain? http or https? Organization or non-organization personal email accounts?

It is a not publicly accessible https URL, like https://suite.company.local/index.php?entryPoint=setExternalOAuthToken

Is your Azure app configured to allow only Organization email accounts? Or allow Personal email accounts (non-organization)?

You could provide your steps and some screenshots, so we could understand it better. :v:

I don’t know to be honest. It was our MS admin that configured it on the Microsoft side, I only did it on the SuiteCRM side. But I would guess only organisation emails.