Office 365 quick login - no avatar picture

Hello. Can anybody confirm, what with current|latest Zamad installation (as on 09-oct-2019) users (customers) logged with Microsoft accounts has their picture in profile?
I did test for two users, login ok, but no picture.
Google login working fine, picture downloaded and showed in profile.
Thanks.
Vladimir

I just checked and can confirm this.

can you be so kind, as to share screenshots from MS portal, showing what scopes you assigned for web-application?
Thanks

ha! so odd.
My app is quite old by now and I no longer can see it (while I still can authenticate with it…)
I’ll add a new one, gotta update the docs in this regard anyway.

I’ll give feedback later on

Thank you for your patience.
During fiddling I used these permissions:

From what I understand, these should be enough to retreive the avatar.
However, even my Zammad no longer retreives it.

In my production log I can find this:

I, [2019-10-14T20:02:58.780694 #28209-86384140] INFO -- : Started GET "/auth/microsoft_office365/callback?code=[FILTERED]&state=72f0b00a7d74933abc23500e220313d22743f677249a52d2" for 666.666.666.666 at 2019-10-14 20:02:58 +0200
I, [2019-10-14T20:02:59.463086 #28209-86384140] INFO -- : Processing by SessionsController#create_omniauth as HTML
I, [2019-10-14T20:02:59.463130 #28209-86384140] INFO -- : Parameters: {"code"=>"[FILTERED]", "state"=>"72f0b00a7d74933abc23500e220313d22743f677249a52d2", "provider"=>"microsoft_office365"}
I, [2019-10-14T20:02:59.493222 #28209-86384140] INFO -- : Enqueued SearchIndexJob (Job ID: 81e0fe2f-bf68-4979-8b76-69adb73bf6e4) to DelayedJob(default) with arguments: "User", 29
I, [2019-10-14T20:02:59.748212 #28209-86384140] INFO -- : Can't fetch image for 'dirtylittlesecret@onmicrosoft.de' (maybe no avatar available), http code: 422
I, [2019-10-14T20:02:59.762253 #28209-86384140] INFO -- : Enqueued SearchIndexJob (Job ID: bc63c4ba-9c8d-4f4f-a71d-eec73ed9da45) to DelayedJob(default) with arguments: "User", 29
I, [2019-10-14T20:02:59.775430 #28209-86384140] INFO -- : Enqueued SearchIndexJob (Job ID: a2ad9b19-4a89-4d34-b5b0-061cbfc07df7) to DelayedJob(default) with arguments: "User", 29
I, [2019-10-14T20:02:59.777870 #28209-86384140] INFO -- : Redirected to https://xxxxxxx.zammad.com/
I, [2019-10-14T20:02:59.781908 #28209-86384140] INFO -- : Completed 302 Found in 319ms (ActiveRecord: 20.1ms)
I, [2019-10-14T20:02:59.816269 #28209-86383300] INFO -- : Started GET "/" for 195.201.98.123 at 2019-10-14 20:02:59 +0200
I, [2019-10-14T20:02:59.819878 #28209-86383300] INFO -- : Processing by InitController#index as HTML
I, [2019-10-14T20:02:59.822331 #28209-86383300] INFO -- : Rendering init/index.html.erb within layouts/application
I, [2019-10-14T20:02:59.822432 #28209-86383300] INFO -- : Rendered init/index.html.erb within layouts/application (0.0ms)
I, [2019-10-14T20:02:59.823892 #28209-86383300] INFO -- : Completed 200 OK in 4ms (Views: 0.9ms | ActiveRecord: 0.4ms)
I, [2019-10-14T20:03:00.054811 #28209-86383000] INFO -- : Started POST "/api/v1/signshow" for 195.201.98.123 at 2019-10-14 20:03:00 +0200
I, [2019-10-14T20:03:00.057277 #28209-86383000] INFO -- : Processing by SessionsController#show as JSON
I, [2019-10-14T20:03:00.057308 #28209-86383000] INFO -- : Parameters: {"fingerprint"=>"675738291"}

However, I think that this might be a third party issue of omniauth (which we’re using for authentication for those providers).

Could you be so kind and create a bug report on Github?
I’ll add the categories accordingly :slight_smile:

Edit:
I begin to believe that this is not something we can fix, I was fiddling with their graph console a bit and get this when trying to get my avatar:

Edit2: Yup, nothing we can fix, see:

Currently work and school accounts only.

OK. Thanks a lot for clearing this up.