rvaneerdewijk

I've tried setting the OAUTH_STATE_TOKEN_SECRET and OAUTH_STATE_TOKEN_STALE_TOLERANCE_SECONDS parameters. I'm still ending up with the 'email' error. The "OAuth State token is too stale" error seems to be delayed by however...

I've exported the contents of 'profile' by adding the following lines afterward: ``` with open('/tmp/profile_json.txt', 'w') as jsonfile: jsonfile.write(json.dumps(profile)) ``` Sure enough, "email" is not there. What is there: aio...

I guess that would mean modifying the OAuth scope to change "email" to "upn" and any reference to profile["email"] to profile["upn"]?

Actually, figured out a much simpler solution... followed up the line: ` profile = r.json()` with: ` profile["email"] = profile["upn"]` I am able to log in now!

Correct that all sounds right. On the Azure side, the app registration is configured as follows... Redirect URI = same as OAUTH2_REDIRECT_URI below Checkboxes checked: - Access tokens - ID...

@Syesad check my Azure thread. Maybe something I did there will help you. Thanks for @havron for the input!