I'm attempting to configure Guacamole to authenticate with Azure AD OpenID but 
I seem to be running into issues.

After configuring OpenID it just seems to loop over and over again from its 
local instance to Azure and then back... then eventually says cannot login.
So I'm wondering if I have something wrong in guac or if it's an issue in the app 
registration setup.

I have nginx set up as a reverse proxy. Everything was verified working before 
adding OpenID to the mix.

I have downloaded guacamole-auth-openid-1.3.0.jar and renamed it to 
000-guacamole-auth-openid-1.3.0.jar per something I saw online suggesting it.

Guacamole.properties
openid-authorization-endpoint:https://login.microsoftonline.com/{tennentid}/oauth2/v2.0/authorize
openid-jwks-endpoint:https://login.microsoftonline.com/{tennentid}/discovery/v2.0/keys
openid-issuer:https://login.microsoftonline.com/{tennentid}
openid-client-id:{clientid of app}
openid-redirect-uri:https://Hostname/guacamole/


On the Azure front I have created an app registration,
added a web platform that redirects to https://Hostname/guacamole/,
added Implicit grant and hybrid flows (ID tokens),
and have enabled public client flows.


Any insight if optional claims are needed? And if so what ones?

Thanks in advance for any guidance you can provide.



Best Regards,

Daniel Walters
Sr. Systems Admin
866.421.2374 ext. 6213
7625 S Howell Ave, Oak Creek, WI 53154
www.omnigo.com
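A diagnostic check for the login loop described above, as an added example that is not part of the original message or of Guacamole's own code: it decodes an ID token's payload (without verifying the signature) and compares its `iss` and `aud` claims with `openid-issuer` and `openid-client-id` from guacamole.properties. The tenant ID, client ID and token are constructed sample values, and it is assumed that the extension rejects a token whose issuer or audience differs from the configured values.

```python
import base64
import json

def parse_properties(text):
    """Parse 'key:value' lines in the form shown for guacamole.properties."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(":")   # split on the first ':' only
        props[key.strip()] = value.strip()
    return props

def decode_claims(jwt):
    """Return the JWT payload as a dict. The signature is NOT verified."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)      # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def claim_mismatches(props, claims):
    """List (claim, configured, received) for each value that differs."""
    problems = []
    issuer, client = props.get("openid-issuer"), props.get("openid-client-id")
    if claims.get("iss") != issuer:
        problems.append(("iss", issuer, claims.get("iss")))
    aud = claims.get("aud")
    if client not in (aud if isinstance(aud, list) else [aud]):
        problems.append(("aud", client, aud))
    return problems

def make_sample_token(claims):
    """Build an unsigned, constructed token for this demonstration only."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."

TENANT = "00000000-0000-0000-0000-000000000000"   # constructed placeholder
CLIENT = "11111111-1111-1111-1111-111111111111"   # constructed placeholder
SAMPLE_PROPERTIES = f"""
openid-issuer:https://login.microsoftonline.com/{TENANT}
openid-client-id:{CLIENT}
"""
# Constructed claims in the shape the v2.0 endpoint issues ("/v2.0" suffix on iss).
SAMPLE_TOKEN = make_sample_token(
    {"iss": f"https://login.microsoftonline.com/{TENANT}/v2.0", "aud": CLIENT})

if __name__ == "__main__":
    for row in claim_mismatches(parse_properties(SAMPLE_PROPERTIES), decode_claims(SAMPLE_TOKEN)):
        print("%s: configured %r, token has %r" % row)
```

To check a real deployment, pass the `id_token` value captured from the redirect back to Guacamole to `decode_claims` in place of the constructed token.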