Broken oauth2 workflow


  • Used Zammad version: 5.2.3
  • Used Zammad installation type: package
  • Operating system: CentOS 7.9
  • Browser + version: Google Chrome Version 106.0.5249.119

Expected behavior:

  • When the user is logged out and the client requests the oauth workflow via the /oauth/authorize url he should be presented with a login screen, after successfull login he should be redirected to the original redirect_uri.

Actual behavior:

Steps to reproduce the behavior:

  • Clean Zammad Installation

Additional Information

Am i doing something wrong here i remember someone in this forum mentioned it is “by design”? when i use other provider like facebook to access certain pages the workflow is as follows:

  • i click on “Login with Facebook”
  • a popup opens where i can login with my credentials
  • a consent screen is beeing displayed
  • i accept and then i get redirected to the original url from where i started the oauth workflow

If there are any additional information you need don´t hesitate to reply :slight_smile:

Does nobody have an idea? Are there any other ways to cleanly connect Zammad as an IDP? Or should one rather use SAML?

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.