OAuth registration/login via API endpoint - Azure AD


I have configured Azure AD to work as an OAuth provider for Rocket.Chat, which works fine in the typical chat login scenario. Now I’m looking for a method to log in to Rocket.Chat via the API endpoint (/api/v1/login) by passing a newly generated access token from Microsoft.
Although Rocket.Chat picked the OAuth provider correctly, it returns errors when retrieving profile data from Microsoft.
FYI - the same Microsoft endpoint (openid/userinfo) is used when registering, and it works.


Body passed:
{ "serviceName": "azureadoauth", "accessToken": "AD_USER_GENERATED_ACCESS_TOKEN", "expiresIn": 3600 }

Response:
{
        "status": "error",
        "message": "Failed to fetch identity from azureadoauth at https://login.microsoftonline.com/common/openid/userinfo. failed [400]"
}

Thanks in advance

Greetings everyone!

If you are facing the same issue as above, you may have to re-configure the OAuth provider to work with access tokens. The path that supports pulling a user's data from Microsoft is https://graph.microsoft.com/oidc/userinfo

Now change the Identity path to this in the OAuth configuration.

Once configured, pass the token you’ve gotten from Azure AD to the API endpoint (/api/v1/login). It will log the user in and send back all the user details and a new token from Rocket.Chat.

Hope this helped!
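The flow described in the question and answer, as an added example that is not code from either post: it confirms the Microsoft access token against the oidc/userinfo endpoint named above, then posts the same body as in the question to /api/v1/login and distinguishes the "Failed to fetch identity" error (old Identity path) from a successful login. The Rocket.Chat host and the success-response field names (data.authToken, data.userId) are assumptions, not taken from the thread.

```python
import json
import urllib.error
import urllib.request

# Assumed values for this example; only the two Microsoft URLs come from the thread.
ROCKET_URL = "https://chat.example.com"                       # hypothetical Rocket.Chat host
USERINFO_URL = "https://graph.microsoft.com/oidc/userinfo"    # Identity path from the answer
OLD_USERINFO_URL = "https://login.microsoftonline.com/common/openid/userinfo"  # path that failed

def build_login_body(access_token, expires_in=3600, service="azureadoauth"):
    """Body for POST /api/v1/login, in the shape used in the question."""
    if not isinstance(access_token, str) or not access_token.strip():
        raise ValueError("access token must be a non-empty string")
    return {"serviceName": service, "accessToken": access_token, "expiresIn": int(expires_in)}

def parse_login_response(status_code, body_text):
    """Return (authToken, userId) on success, otherwise raise with a diagnosis."""
    body = json.loads(body_text)
    if status_code == 200 and body.get("status") == "success":
        data = body["data"]  # assumed success shape: data.authToken / data.userId
        return data["authToken"], data["userId"]
    message = body.get("message", "<no message>")
    if "Failed to fetch identity" in message and OLD_USERINFO_URL in message:
        # The failure from the question: the Identity path still points at the
        # login.microsoftonline.com endpoint, which rejects the access token.
        raise RuntimeError(f"identity lookup failed; set Identity path to {USERINFO_URL} ({message})")
    raise RuntimeError(f"login failed [{status_code}]: {message}")

def _request(url, data=None, bearer=None):
    """Small urllib helper: returns (status, body) without raising on HTTP errors."""
    headers = {"Content-Type": "application/json"}
    if bearer:
        headers["Authorization"] = f"Bearer {bearer}"
    req = urllib.request.Request(url, data=data, headers=headers, method="POST" if data else "GET")
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode()

def login_with_ms_token(access_token):
    """Check the token against userinfo first, then exchange it for a Rocket.Chat session."""
    status, body = _request(USERINFO_URL, bearer=access_token)
    if status != 200:
        raise RuntimeError(f"Microsoft rejected the access token [{status}]: {body[:200]}")
    payload = json.dumps(build_login_body(access_token)).encode()
    status, body = _request(f"{ROCKET_URL}/api/v1/login", data=payload)
    return parse_login_response(status, body)
```

Calling `login_with_ms_token(token)` returns the Rocket.Chat `authToken` and `userId` pair to use as `X-Auth-Token` / `X-User-Id` on later API calls.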