Microsoft Azure sign-in authentication - Access Denied #5359

Open
hedshefer opened this issue Aug 8, 2023 · 4 comments

@hedshefer

Hi,

We have followed the Odoo documentation:
https://www.odoo.com/documentation/16.0/applications/general/auth/azure.html#microsoft-azure-sign-in-authentication

Then, we got 'access denied' error and the following error in the log:

odoo.addons.auth_oauth.controllers.main: OAuth2: invalid_request
Traceback (most recent call last):
  File "/home/odoo/src/odoo/addons/auth_oauth/controllers/main.py", line 134, in signin
    db, login, key = env['res.users'].sudo().auth_oauth(provider, kw)
  File "/home/odoo/src/odoo/addons/auth_oauth/models/res_users.py", line 124, in auth_oauth
    validation = self._auth_oauth_validate(provider, access_token)
  File "/home/odoo/src/odoo/addons/auth_oauth/models/res_users.py", line 49, in _auth_oauth_validate
    raise Exception(validation['error'])
Exception: invalid_request

Odoo Ticket #3458265
@tiku-odoo @StraubCreative

@StraubCreative
Contributor

Hi @hedshefer
We're looking into it, thanks 👍

@tiku-odoo tiku-odoo self-assigned this Aug 8, 2023
@StraubCreative StraubCreative linked a pull request Aug 8, 2023 that will close this issue
@tiku-odoo
Contributor

@hedshefer

Thanks for reaching out. I also see you have a support ticket open.

Without testing on your database, I cannot see what you have configured. Just a few things to consider while the support team and I work on your issue:

For the Supported account types this selection may vary based on your end use and Microsoft account type. We will make a warning note in the doc clarifying this (for both internal users and portal users). What is your login end goal (organizational users or portal customers)? What type of Microsoft account do you have?

Choose "Personal Microsoft accounts only" if the target audience is meant for portal users. Choose "Accounts in this organizational directory only (Default Directory only - Single tenant)" if the target audience is company users.

Have you input the system parameter in Odoo yet? This is often the case for an access denied error.

Odoo System Parameter

First activate the developer mode, and then go to Settings ‣ Technical ‣ System Parameters.

Click Create and on the new/blank form that appears, add the following system parameter auth_oauth.authorization_header to the Key field, and set the Value to 1. Then click Save to finish.

Your question in Odoo Ticket #3458265

In addition - I will be happy to understand the following instruction regarding Odoo.sh hosting:

Warning

Databases hosted on Odoo.com should not use OAuth login for the owner or administrator of the database as it would unlink the database from their Odoo.com account. If OAuth is set up for that user, the database will no longer be able to be duplicated, renamed, or otherwise managed from the Odoo.com portal.

This means that the administrator of the account (DB) should not set up Azure Oauth because it will cause an impotent admin (unable to manage the db). Azure Oauth should be set up for your users but not the administrator of the DB.

Additionally can you send over a screenshot of your Oauth configuration in Odoo? Also if you're able to, can you send screenshots of the Azure dashboard (Overview of the app (essentials page), Authentication page, and the Endpoints page)? Please attach them to the support ticket as PII would be revealed on Github.

I have opened a Pull Request to update the document to include the free portal users. It can be viewed here: Azure Oauth Update

I will continue testing and await the support ticket to be assigned to work with the analyst on the issue. I hope this is helpful. As always reach out should you need further assistance or if you're not able to resolve this issue.

Thanks, Tim 👍

CC: @StraubCreative
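
An added illustration, not part of the thread and not Odoo's code: a simplified model of how a missing `auth_oauth.authorization_header` parameter can surface as the `invalid_request` seen in the traceback. It assumes the parameter switches the access token from a URL query parameter to an `Authorization: Bearer` header and that the provider's user-info endpoint reads only the header; the endpoint, token and provider stub are constructed.

```python
from urllib.parse import urlencode

TOKEN = "constructed-access-token"            # constructed sample value
ENDPOINT = "https://idp.example/userinfo"     # placeholder, never contacted

def build_request(token, authorization_header):
    """Return (url, headers) for the two ways a client can present a bearer token."""
    if authorization_header:                  # models Value = 1 for the system parameter
        return ENDPOINT, {"Authorization": "Bearer " + token}
    return ENDPOINT + "?" + urlencode({"access_token": token}), {}

def stub_userinfo(url, headers):
    """Constructed provider stub: reads the token from the Authorization header only."""
    scheme, _, presented = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not presented:
        return 401, {"WWW-Authenticate": "Bearer"}, {}          # no credentials seen
    if presented != TOKEN:
        return 401, {"WWW-Authenticate": 'Bearer error="invalid_token"'}, {}
    return 200, {}, {"sub": "constructed-user-id"}

def validate(token, authorization_header):
    """Call the stub and reduce the reply to a dict, with a generic error fallback."""
    url, headers = build_request(token, authorization_header)
    status, resp_headers, body = stub_userinfo(url, headers)
    if status == 200:
        return body
    challenge = resp_headers.get("WWW-Authenticate", "")
    if 'error="' in challenge:
        return {"error": challenge.split('error="', 1)[1].split('"', 1)[0]}
    return {"error": "invalid_request"}       # provider gave no specific reason

def token_in_url(token, authorization_header):
    """True when the token would appear in the request URL (and so in URL logs)."""
    url, _ = build_request(token, authorization_header)
    return token in url

if __name__ == "__main__":
    for flag in (False, True):
        print("authorization_header =", flag, "->", validate(TOKEN, flag),
              "| token in URL:", token_in_url(TOKEN, flag))
```

In the query-string mode the token is also part of the request URL, so it can end up in proxy and access logs; the header mode keeps it out of the URL.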

@hedshefer
Author

@tiku-odoo

Hi,

Indeed, the system parameter auth_oauth.authorization_header was missing. Thank you!

Regarding the admin user warning - Does it apply only to saas (odoo.com) or to any database on Odoo.SH as well? Does "admin" refer to every user in the "base.group_system" access group?
This warning seems unclear to me. I think it would be better for Odoo to block those users by default for the relevant users and DB. It's only a matter of time until some admin users mistakenly use it.

@tiku-odoo
Contributor

@hedshefer

Thanks for your reply. Glad your issue is fixed.

The statement refers to the admin who created the database and has it attached to their Odoo account. This does apply to Odoo SH account users as well.

Admin would have the DB listed in "My Databases" and for SH: the admin who created the DB in the sandbox or production.

Please don't hesitate to reach out should you have any other questions.

Warmest,
Tim

CC: @StraubCreative
