Small change to OAuth2 plugin to keep an eye on.
We have recently rectified a non-standard practice that we have been doing in our API calls during OAuth2 Authentication. We have been passing cookies in our requests to Authentication Servers. In general, this has not had any negative impact on any of our customers until this week when Pipedrive's SSO went on line and didn't work because cookies we were passing were confusing their Authentication Server. So we decided to stop passing cookies during OAuth2 connections.
Again, this should not affect anyone, but if it does there is a fix: https://staff.vanillaforums.com/kb/articles/159-config-101#pass-cookies-in-api-request-on-oauth2
The symptoms would be in the middle of their connecting they receive one of the "Oops" screens on /entry/oauth2 or /entry/connect/oauth2 .
If you do have to update a customer's config to fix this, please let us know in the comments below. If no one is affected by the change we will eventually remove this config.
Comments
-
@patrick_kelly We had a report today that (in the timeframe that this change was made it seems) some of Smartsheet's users were affected. Ticket reference (with details and screenshots/videos, it seems that it was happening on the entry/connect page): https://higherlogic.zendesk.com/agent/tickets/321527. I've made the config change suggested and asked Smartsheet to let us know if the issue persists.
0 -
I've looked into this one and it turns out that they are not on the code branch that has the change. They are on 2022.014 and the change went out on 2022.015, so the problem must be something else. But thanks @ElizeRowe
0