I have a local docker-compose based setup to test authentication against Azure AD (Office365). On the Azure AD side, I created a Concourse application and set https://127.0.0.1/sky/issuer/callback as reply URLs.
In docker-compose.yml, I have the following environment variables configured:

- CONCOURSE_OAUTH_DISPLAY_NAME='Our Office 365'
- CONCOURSE_OAUTH_CLIENT_ID=<redacted client id>
- CONCOURSE_OAUTH_CLIENT_SECRET=<redacted client secret>
- CONCOURSE_OAUTH_AUTH_URL=https://login.microsoftonline.com/<redacted app id>/oauth2/authorize
- CONCOURSE_OAUTH_TOKEN_URL=https://login.microsoftonline.com/<redacted app id>/oauth2/token
- CONCOURSE_MAIN_TEAM_OAUTH_USER=firstname.lastname@example.org

When trying to log in with my email address, I go through the flow and end up with the following error in Concourse:
Internal Server Error: Failed to return user's identity.
I assume I am missing some setting like CONCOURSE_OAUTH_SCOPE, but I don't know which value to use for Azure AD. Can anyone help?