This repository provides an osTicket plugin for authentication using Microsoft 365 accounts, registered in an Azure Active Directory tenant.
The code is based on the auth-openid-MS
plugin. The original plugin didn't validate the received JSON Web Token, leaving it exposed to token forgery attacks. This version validates them using OpenID-Connect-PHP
and adds several useful new features.
To install the plugin, clone this repository into your osTicket instance's include/plugins/
directory. To upgrade to newer versions, simply use git pull
.
After installing it for the first time or upgrading to a newer version, use Composer to also update the dependencies:
composer install
You can then enable the plugin in your osTicket admin dashboard.