OpenID MAIN_AUTHENTICATION_OPENID_URL Error

We’re trying to authenticate using OpenID with Microsoft/Azure AD Graph for Office 365 users.
I’ve registered the app, set $dolibarr_main_authentication='openid,dolibarr'; in conf.php and receive the following error.

“You setup Dolibarr config file to allow OpenID authentication, but URL of OpenID service is not defined into constant MAIN_AUTHENTICATION_OPENID_URL”

So, I’ve tried the following in conf.php with the same error as above.

$dolibarr_main_auth_openid_host='https://login.microsoftonline.com/xxxxxxxxxxx';
$dolibarr_main_auth_openid_url='https://login.microsoftonline.com/xxxxxxxxxxx';
$dolibarr_main_authentication _openid_url='https://login.microsoftonline.com/xxxxxxxxxxx';

I’ve seen url= lines in openid.class.php but would rather ask for some help at this point before I end up rewriting every php file in Dolibarr…

constant values are to be defined in Home-Setup-Other Setup

1 Like

Thank you very much quid. It worked perfectly.

I had stared at Other Setup a couple times but neither OpenID or MAIN_AUTHENTICATION_OPENID_URL were listed under the known hidden options so I held tight,
https://wiki.dolibarr.org/index.php/Setup_Other#List_of_known_hidden_options

Hi,

I have configured for Office365 Authentication with OpenID but after validate login on Azure, i comeback to authentification page of Dolibarr.

My return URL seems wrong.

Thanks for idea

Icemiota

Hi,

I’m new to administering Dolibarr and admin our Office 365 subscription.
Was trying to connect our Dolibarr installation with SSO on O365

I’ve created the App registration in Azure
On the App-screen looked up the ‘end-point urls’
Copied the OAuth 2.0 Autorization Endpoint (v2.0) value

Changed the /conf/conf.php file

$dolibarr_main_authentication='openid,dolibarr';

Went to the admin console and added the variables:
Pasted the OAuth 2.0 Autorization Endpoint (v2.0) value as variable

MAIN_AUTHENTICATION_OPENID_URL : https://login.microsoftonline.com/######/oauth2/v2.0/authorize

Now the login-screen changed and I can choose OpenId.
But when i click on ‘OpenID’ I get a redirect to O365-page with the following error:

AADSTS900144: The request body must contain the following parameter: 'client_id'.

Got a little stuck here… Any ideas?

Hi,

I’ve just installed a new instance of Dolibarr.
Now looking to Sigle-Signon options with Office 365.
Read this forum topic but couldn’t get it working.

Created a App in our Azure environment.
Looked up the endpoint config.
Came up with

https://login.microsoftonline.com/#################/oauth2/v2.0/authorize

Altered the conf/conf/php file to:

$dolibarr_main_authentication='openid,dolibarr';

Looking at the variables mentioned in this topic I tried all three, but i’m not sure what values to use.

MAIN_AUTHENTICATION_OPENID_URL : https://login.microsoftonline.com/#################/oauth2/v2.0/authorize

With this settings I got the login-link on the login-page.
But then I got stuck… Got redirected to the microsoft page with the following error:

AADSTS900144: The request body must contain the following parameter: 'client_id'.

Any tips?

Hi Alex,

Did you manage to solve the issue regarding:

AADSTS900144: The request body must contain the following parameter: ‘client_id’.

I’m having the same issue.

Thanks!