FAQ content

LibAuth: Testing and troubleshooting a Microsoft OAuth 2 configuration

In this article

Getting there

  1. From the LibApps Dashboard, go to Admin > LibAuth Authentication.
  2. Click on the Edit () icon in the Actions column for the configuration you want to manage.
Editing a LibAuth configuration

Testing your configuration

After creating or modifying your LibAuth configuration, it's always a good idea to test it. This will confirm whether or not LibAuth can connect to your authentication system and that your system is returning the necessary attributes to LibAuth. The testing tool will provide debugging info that you can use to troubleshoot any issues.

  1. Save your configuration, then click on the Test button in the Test This Configuration box at the top of the page and log in using credentials for your SSO.
Screenshot of the Test button
  1. Once you log into your system, you will then receive a summary of test results. This will indicate whether or not you are logged in, as well as debug info to help you troubleshoot any problems. For example, it will indicate any attributes that were not successfully released by your server or correctly mapped in your configuration.
Example of debugging information

What if I can't log in?

  • Double-check that you entered your username and password correctly.
  • Confirm that you've used the correct authorized redirect URL in your OAuth 2 application.
  • Confirm that you have used the correct client identifier and secret for your OAuth 2 application.
  • Confirm that you entered the correct authorization,  and access token endpoints for your OAuth 2 system.

LibAuth did not receive our attributes. How do I know if they were released?

When testing your configuration, the debug information contains a raw_response array. If the attributes are being released, they will be listed here. However, if the array contains no data (i.e. there's nothing between the curly braces), then the attributes are not being released. Contact your IT staff to ensure that the attributes are being released to LibAuth.

Example of a LibAuth response with no attributes
Example of a LibAuth response with no attributes

Microsoft Azure configuration's request body is missing the 'scope' parameter

For configurations using Microsoft Azure, you may see a "The request body must contain the following parameter: 'scope'." error message when testing the configuration. If this happens, you need to append a scope parameter to the Authorization URL. We recommend using: ?scope=https://graph.microsoft.com/user.read. This URL would look like: https://login.microsoftonline.com/{some long identifier}/oauth2/v2.0/authorize?scope=https://graph.microsoft.com/user.read