MantisBT - TestLink
View Issue Details
0008591TestLinkUser Authentication Methodspublic2019-03-08 17:332020-05-24 09:34
normalfeature requestN/A
1.9.19 (2019 Q1) 
0008591: OAuth enhancement - microsoft oauth provider
Added oauth provider configuration and code to enable authentication using Microsoft accounts

Added new file microsoftoauth.php (copied relevant sections from login.php) to cater for Microsoft configuration that does not allow redirectURL to contain querystring for security purposes.

Pull request [^]
Issue History
2019-03-08 17:33buzzlightyearNew Issue
2019-03-09 13:27buzzlightyearNote Added: 0028580
2019-03-09 13:31buzzlightyearNote Edited: 0028580bug_revision_view_page.php?bugnote_id=28580#r5762
2019-03-09 13:34buzzlightyearNote Added: 0028581
2019-03-09 13:56buzzlightyearNote Added: 0028582
2019-03-14 20:52fmanNote Added: 0028600
2020-04-21 17:59fmanNote Added: 0029614
2020-04-21 17:59fmanQA Team - Task Workflow Status => TBD
2020-04-21 17:59fmanFixed in Version => 1.9.20_fixed
2020-04-21 17:59fmanStatusnew => resolved
2020-04-21 17:59fmanResolutionopen => fixed
2020-04-21 17:59fmanAssigned To => fman
2020-05-24 09:34fmanTag Attached: OAUTH

2019-03-09 13:27   
(edited on: 2019-03-09 13:31)
1. To register an application go to [^]
2. After signing in with your Microsoft account add an application by clicking Add an app.
3. Enter a name for your application and click Create Application
4. The application will be created, and the application details page will be displayed, which will list the Application Id. Click Generate New Password to generate a new password. The generated password will be displayed, copy it to configure it later in TestLink and click Ok
5. Under Platforms click Add Platform and click Web
6. Enter https://yourtestlinkserver/microsoftoauth.php [^] in the Redirect URL and https://yourtestlinkserver [^] in the Logout URL. The User.Read should be displayed under Microsoft Graph permissions by default, click Save at the bottom of the page to store all the changes.
7. Connect to your testlink server, open in a text editor and uncomment the $tlCfg->OAuthServers[1] lines referring to Microsoft below the Github OAuth section
8. Set the oauth_client_id value to the Application Id from
9. Set the oauth_client_secret to the password generated in step 4.
10. Set the redirect_uri to the same value configured in the Redirect URL in step 6.
11. Save the config, and browse to the main page of your TestLink installation using your browser. You should see another button below the normal Log in button with the name Sign in with Microsoft. Click it, and you will be prompted for your Microsoft account details, after which you will have to give consent to the app (TestLink) to read your profile.
12. Click Yes, and you should be returned to your TestLink instance, and be logged in with a user with guest role.
13. You can change this to by default create a user with no rights, by editing and changing the value of $tlCfg->default_roleid to TL_ROLES_NO_RIGHTS;


P.S. Microsoft might prompt (irritate?!) you to view the App configuration in the Azure portal, the instructions above is not for the Azure portal but for [^]

2019-03-09 13:34   
Should you be viewing/editing via Azure, your applications can be viewed by nagigating to [^] and clicking the Applications from personal account next to All applications and Own applications. I've noticed that my application was NOT listed under All applications, only under Applications from personal account.
2019-03-09 13:56   
It is possible to use both Office365 accounts as well as personal Microsoft accounts to authenticate. I configured my application using a free personal Microsoft account.
2019-03-14 20:52   
Thanks for the details you have added.
2020-04-21 17:59   
Implementation refactored -> microsoftoauth.php removed
tested OK @20200421