Hi, i have this specific problem after enabling SSO in lifetime using azure, the server is connected only to local network of my company and can only be accessed using VPN.
I already open proxy to the required url such as login.microsoft and other and testit directly from the server and it's connected successfully and after the activation, service center can login via azure, but the service studio cannot.
I tried to monitor it with wireshark but there is no tls handshake to azure when loggin with service studio, but got handshake successfully when login with service center.
I already setup all of the required URI to the azure too so there shouldn't be any problem
i already found the problem, the problems are not the prefered username, but the problems are because the windows app doesn't respect the proxy set in IIS, so the service studio cannot find a way out to contact microsoft entra.
The solution is to copy the proxy setting from web.config to machine.config
both file can be found in
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config
Hi,I remember having a similar issue.The problem was due to a misconfiguration in Lifetime User Management Authentication Settings.We were missing the "V2.0" part in the well known confguration URL.
Hi, Thanks for the reply,
unfortunately the URL is already setup correctly, i can login using Azure SSO to service center, but somehow the service studio didn't want to open microsoft login page when i click next,
when checking in service center i got this error message
When we were using the well-know configuration URL without the V2.0 part, we were also able to login to webApps (Servicecenter,lifetime) but not in desktop Apps (Service Studio). This made it hard to identify that the issue was actually being caused by the configuration.What scopes are supported in your current configuration ?
i got openid, profile, email, and offline_access
Thanks for the information. This seems to be correct.Is the configuration of the App Registration in Azure for Desktop and Mobile apps correctly set up, specifically the redirect URI's ?
yes it's already setup correctly, we already added the necessary url to the azure configuration
Is your browser being prompted for Microsoft Authentication when trying to log in to OutSystems Service Studio?
no, my browser is not being prompted for microsoft authentication when trying to log in to outsystems service studio, and the wireshark i show up there show there is no request to microsoft authentication either
Are you using the "preferred_username" as the username claim ?
no, i used email cause i used azure, and it's work in another server
Azure IdP = Microsoft Entra.You should try and use the preffered_username as the username claim. this is specifically indicated in the outsystems documentation that you need to use this claim when using microsoft or OKTA IdPAre you able to test it ?
ok i will try to test it