Try to set up third party authentication with Office 365


  • Used Zammad version: 3.3.0-19
  • Used Zammad installation source: docker-compose behind Traefik 2.0
  • Operating system: Debian 9
  • Browser + version: Firefox 75.0b12 , Chrome 81.0.4044.92 (Build officiel) (64 bits)
  • office365 : Azure AD for Office 365

Expected behavior:

  • To be redirect to the office365 portal for authentication

Actual behavior:

  • An error raised “422: The change you wanted was rejected.”

When I click on the Office365 button, I get the error mentioned above.

I am trying to log in with my browser in private mode, so there is no cookie, and I am not authenticated in Office365.

Railssever Container Logs :

I, [2020-04-08T14:15:09.489863 #1-47214218168780] INFO -- : Started POST "/auth/microsoft_office365" for at 2020-04-08 14:15:09 +0000
I, [2020-04-08T14:15:09.492965 #1-47214218168780] INFO -- : (microsoft_office365) Request phase initiated.
F, [2020-04-08T14:15:09.493705 #1-47214218168780] FATAL -- :
F, [2020-04-08T14:15:09.493733 #1-47214218168780] FATAL -- : ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
F, [2020-04-08T14:15:09.493744 #1-47214218168780] FATAL -- :
F, [2020-04-08T14:15:09.493765 #1-47214218168780] FATAL -- : omniauth-rails_csrf_protection (0.1.2) lib/omniauth/rails_csrf_protection/token_verifier.rb:34:in `call'
omniauth (1.9.0) lib/omniauth/strategy.rb:209:in `request_call'

Steps to reproduce the behavior:

  • Add a new application in the Azure portal like in the microsoft documentation
  • Create a new secret in the Azure portal.
  • Set Client Id and Secret in Zammad settings/security/Third party
  • Click on Office365 button

By trying to solved another issue, I’ve find the right configuration for my situation like described here -> Docker Treafik - csrf token validation failed

1 Like

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.