
Hi,

We have an Odoo/OpenERP v7 installation on a Debian server which has been working well for one year. It is accessible on the internet via a URL like https://<FQDN>:8071/ (I have set up nginx to enable SSL access), and everything works well with local authentication.

We are now starting to use Windows Azure Active Directory as our IdM/IdP (and have enforced multifactor authentication). WAAD can be set as an OAUTH2 provider for any web application that supports it, as it complies with OAuth 2.0 RFC 6749 (http://msdn.microsoft.com/en-us/library/azure/dn645545.aspx). So we would like to use it to authenticate users in our OpenERP environment.

I have :

  • created an OpenERP application link (and id) in WAAD console with the following settings:
    • Name : OpenERP
    • Connection URL : https://<FQDN>:8071/auth_oauth/signin
    • and a client ID has been generated by WAAD
    • WAAD is also providing me a list of different 'termination point' URLs:
      • Federation metadata document
      • WS-FEDERATION connection endpoint
      • SAML-P login endpoint
      • SAML-P logout endpoint
      • WAAD Graph API endpoint
      • OAUTH2 token endpoint
      • OAUTH2 Authorization endpoint
  • enabled the oauth2 modules in OpenERP and 
  • created a new oauth2 provider in OpenERP with the following settings:
    • Provider name: Windows Azure AD
    • Client Id: [the one provided by WAAD]
    • Allowed: enabled
    • Authentication URL: the WAAD OAUTH2 Authorization endpoint URL
    • Scope: empty, what should I provide here ?
    • Validation URL: the WAAD OAUTH2 token endpoint URL
    • Data URL: the WAAD Federation metadata document URL

When I go to the OpenERP login window, I now do have a link "Login with Azure AD", but when I click on it nothing happens. I am not redirected to any Windows Azure login window. And nothing is shown in the openerp.log file.

Could anybody help me with this setting?

Thanks for your support,

Antoine. 
