I still have problems with Jamf Connect 2.6.0 and the message Invalid Request: when
<key>OIDCNewPassword</key>
<false/>
As soon as I change it to true, it works correctly.
What am I doing wrong? Here is my plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>OIDCDefaultLocal</key>
<false/>
<key>OIDCNewPassword</key>
<false/>
<key>OIDCUsePassthroughAuth</key>
<true/>
<key>OIDCProvider</key>
<string>Azure</string>
<key>OIDCClientID</key>
<string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
<key>OIDCROPGID</key>
<string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
<key>OIDCRedirectURI</key>
<string>https://0.0.0.0/jamfconnect</string>
<key>OIDCAdmin</key>
<string/>
<key>OIDCAdminAttribute</key>
<string>roles</string>
<key>OIDCClientSecret</key>
<string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
<key>OIDCIgnoreAdmin</key>
<false/>
<key>OIDCTenant</key>
<string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
<key>OIDCDiscoveryURL</key>
<string/>
<key>OIDCIgnoreCookies</key>
<false/>
<key>AuthServer</key>
<string/>
<key>OIDCAuthServer</key>
<string/>
<key>OIDCAccessClientID</key>
<string/>
<key>OIDCAdminClientID</key>
<string/>
<key>OIDCSecondaryLoginClientID</key>
<string/>
<key>OIDCScopes</key>
<string/>
<key>OIDCShortName</key>
<string/>
<key>OIDCROPGShortName</key>
<string/>
<key>OIDCIDTokenPath</key>
<string/>
<key>OIDCIDTokenPathRaw</key>
<string/>
<key>CreateJamfConnectPassword</key>
<true/>
<key>LocalFallback</key>
<true/>
<key>MessageOTPEntry</key>
<string/>
<key>CreateAdminUser</key>
<false/>
<key>DemobilizeUsers</key>
<false/>
<key>DenyLocal</key>
<true/>
<key>DenyLocalExcluded</key>
<array/>
<key>LicenseFile</key>
<string/>
<key>LAPSUser</key>
<string/>
<key>LDAPOverSSL</key>
<false/>
<key>Migrate</key>
<false/>
<key>MigrateUsersHide</key>
<array/>
<key>RightsTmpCache</key>
<false/>
<key>UIDTool</key>
<string/>
<key>BackgroundImage</key>
<string/>
<key>LoginLogo</key>
<string/>
<key>LoginWindowMessage</key>
<string/>
<key>AllowNetworkSelection</key>
<true/>
<key>HelpURL</key>
<string/>
<key>HelpURLLogo</key>
<string/>
<key>LocalHelpFile</key>
<string/>
<key>EULAFilePath</key>
<string/>
<key>EULAPath</key>
<string/>
<key>EULAText</key>
<string/>
<key>EULATitle</key>
<string/>
<key>EULASubTitle</key>
<string/>
<key>EnableFDE</key>
<false/>
<key>EnableFDERecoveryKey</key>
<false/>
<key>EnableFDERecoveryKeyPath</key>
<string/>
<key>AuthUIOIDCProvider</key>
<string/>
<key>AuthUIOIDCClientID</key>
<string/>
<key>AuthUIOIDCRedirectURI</key>
<string/>
<key>AuthUIOIDCTenant</key>
<string/>
<key>AuthUIOIDCClientSecret</key>
<string/>
<key>AuthUIOIDCDiscoveryURL</key>
<string/>
<key>ScriptArgs</key>
<string/>
<key>ScriptPath</key>
<string/>
<key>ROPGProvider</key>
<string>Azure_v2</string>
<key>ROPGTenant</key>
<string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
<key>ROPGDiscoveryURL</key>
<string/>
<key>ROPGRedirectURI</key>
<string>https://127.0.0.1/jamfconnect</string>
<key>ROPGClientSecret</key>
<string>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</string>
<key>ROPGSuccessCodes</key>
<array/>
<key>MFAExcluded</key>
<array/>
<key>MFARename</key>
<dict>
<key>call</key>
<string/>
<key>email</key>
<string/>
<key>push</key>
<string/>
<key>question</key>
<string/>
<key>sms</key>
<string/>
<key>hardwareToken</key>
<string/>
<key>hotpToken</key>
<string/>
<key>okta:token:software:totp</key>
<string/>
<key>google:token:software:totp</key>
<string/>
<key>token</key>
<string/>
<key>u2f</key>
<string/>
<key>web</key>
<string/>
<key>webauthn</key>
<string/>
</dict>
</dict>
</plist>
Thankful for every hint.