We are trying to use our E10 server as an OAuth2 provider for user access to our JetBrains suite of tools. The current Mattermost OAuth2 configuration is not exactly well documented and there isn’t much in the way of being able to find the mappings required for proper use. JetBrains has an OAuth2 requestor configuration and it requires the URLs for Token, UserData and Email. Also we need to know the mappings for the various fields and the scope.
I believe I saw a ticket open requesting further documentation of the endpoints, is this something that is in progress?
Unfortunately the JetBrains OAuth consumer requires a scope for it to even think about talking to the provider. I’m not sure if the OAuth2 service with Mattermost is scoped or not, but that’s a good shout about checking through the source code for the options. Once I can definitively determine that setting then I’m in a better place to be able to troubleshoot and possibly document the settings for other users to apply.
Found the ‘api’ scope seems to allow authorization. I’m getting a good auth, and the user account shows the proper OAuth application in the user settings, but now the redirect doesn’t seem to work. Getting an error that the selected team is not public (which is true) but it should be redirecting back to the callback URL. More investigation needed.
Seems to be a configuration problem on my end. The Not Public page is from a URL of https://<mattermost_host>/oauth/<callback_url> but I’m not quite sure why it’s prepending the URL of the Mattermost server and not redirecting yet.