OAuth providers error AADSTS50011 with Office 365 and Gmail

[Antonioblu]

Script URL:
Version of script: HESK 3.4.3, PHP 8.2.8 (MySQLi), MySQL 8.0.34
Hosting company: Azure Web app
URL of phpinfo.php: https://hesk-ticketing.azurewebsites.net/phpinfo.php
URL of session_test.php: -
What terms did you try when SEARCHING for a solution: OAuth, AADSTS50011, Office 365

Write your message below:

Hello,

I'm trying to setup the OAuth with Office 365, i follow the guide you provided (https://www.hesk.com/knowledgebase/?article=110) but i can't make it work... I've spend the whole day trying to find the error but can't find a solution

I'm getting the error "AADSTS50011" that we can also find on the guide but the solution given is actually not my problem, the link i provided it's correct, the only difference is HTTP and HTTPS, but for what i've read on Azure doc shouldn't be a problem. Otherwise the link is the one provided in the application when i try to register a new OAuth provider :
(Your OAuth Redirect URI for Hesk is:
http://hesk-ticketing.azurewebsites.net ... viders.php)
And it's the same URL when i'm in the oauth_providers.php page. The only difference is HTTP and on Azure you obviously can't add a Redirect Web URIs with HTTP. But it's defenetly the correct URL for the file oauth_providers.php.

I tried in both normal navigation and a private window on 2 different navigator (Chrome and Brave).
I also removed the authentication with Microsoft to the app.

I've also tried to add a OAuth provider with Google Gmail following the guide you provided and I'm getting the same error

Please someone can help me? I'm really happy with HESK and would love to find the solution and implement it in my new company

Error:
Sorry, but we’re having trouble with signing you in.

AADSTS50011: The redirect URI 'http://hesk-ticketing.azurewebsites.net ... viders.php' specified in the request does not match the redirect URIs configured for the application 'XXXXXXXX'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.

[Klemen]

The AADSTS50011 error is one that Microsoft generates, not Hesk.

If you get this error, then the only known solution is to make 101% sure that the "Redirect URI" address in your Microsoft matches your Hesk's.

Based on this article the redirect URI must be HTTPS unless it's a localhost address:
https://learn.microsoft.com/en-us/entra ... /reply-url

[Antonioblu]

Yes I understand it's on Microsoft side,

But the request is generated from Hesk, i'm I wrong?

There's also a video on youtube and the only difference I can find is that the link provided by HESK in popup windows when registering a new provider is HTTP on my application and HTTPS on his tutorial.
https://www.youtube.com/watch?v=VjVxnHJ_ebg

My hesk:
Your OAuth Redirect URI for Hesk is:
http://hesk-ticketing.azurewebsites.net/admin/oauth_providers.php

In his tutorial:
Your OAuth Redirect URI for Hesk is:
https://.......

[Klemen]

Does it work if you access your admin panel using HTTPS?
https://hesk-ticketing.azurewebsites.net/admin

[Antonioblu]

I was accessing over HTTPS all the time, the whole app is over HTTPS.
I never used HTTP for this application and that's why I didn't understand why the request URI from HESK is over HTTP

[Klemen]

This means you have the HTTP version set in your Azure app setup.