I am having a weird problem where I have configured an OAuth2 V2.0 SSO connector in my app.
If I pre-create the account in the database, the SSO works fine. User clicks on the SSO button, and is taken through to the app.
If, however, I enable self registrations, when the user logs in for the first time, the account gets created in Knack, and it pulls all the correct information (email, First & Last name) and creates the account correctly in Knack. But instead of taking the user through to the application, it gets stuck on a loading screen and never proceeds further.
The URL in the web browser is some long 900char
I have managed to intercept a working account (i.e. from a pre-created account in Knack), and I get a really similar URL (same long URL with code, and state & session_state at the end) before getting the Knack logging in gif, and then proceeding to display the app.
It's like the Knack App has received the token, but then doesn't know what to do with it and instead just hangs and never logs in.
Another theory is that the Knack DB is creating some unique identifier that I can't see which isn't included in the claim. Not too sure (I'm not a web developer).
My Claims properties are as below: (although I have tried ID in the IDProperty as well, but same result)
So I am confident the AzureAD SSO part is working. Especially because it works if I pre-create the account. Azure Sign-in logs all show success with no errors so the authentication is happening, and it seems to be passing through the correct tokens.
Anyone who knows the answer to this would be amazing. For this particular app, it's not a big deal if I have to pre-create the users as it's used by 5 people and turnover is extremely low. But it's more for future apps I create in here.