Infos:
- Used Zammad version: 3.3.0-19
- Used Zammad installation source: docker-compose behind Traefik 2.0
- Operating system: Debian 9
- Browser + version: Firefox 75.0b12 , Chrome 81.0.4044.92 (Build officiel) (64 bits)
- office365 : Azure AD for Office 365
Expected behavior:
- To be redirect to the office365 portal for authentication
Actual behavior:
- An error raised “422: The change you wanted was rejected.”
When I click on the Office365 button, I get the error mentioned above.
I am trying to log in with my browser in private mode, so there is no cookie, and I am not authenticated in Office365.
Railssever Container Logs :
I, [2020-04-08T14:15:09.489863 #1-47214218168780] INFO -- : Started POST "/auth/microsoft_office365" for 172.19.0.7 at 2020-04-08 14:15:09 +0000
I, [2020-04-08T14:15:09.492965 #1-47214218168780] INFO -- : (microsoft_office365) Request phase initiated.
F, [2020-04-08T14:15:09.493705 #1-47214218168780] FATAL -- :
F, [2020-04-08T14:15:09.493733 #1-47214218168780] FATAL -- : ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
F, [2020-04-08T14:15:09.493744 #1-47214218168780] FATAL -- :
F, [2020-04-08T14:15:09.493765 #1-47214218168780] FATAL -- : omniauth-rails_csrf_protection (0.1.2) lib/omniauth/rails_csrf_protection/token_verifier.rb:34:in `call'
omniauth (1.9.0) lib/omniauth/strategy.rb:209:in `request_call'
Steps to reproduce the behavior:
- Add a new application in the Azure portal like in the microsoft documentation
- Create a new secret in the Azure portal.
- Set Client Id and Secret in Zammad settings/security/Third party
- Click on Office365 button