Lee Hodges

Sorted! After binding the ssls.com cert to the IIS server and then changing the 'app_root_url' from: 'app_root_url' => isset($_SERVER['HTTP_HTTPS']) && $_SERVER['HTTP_HTTPS'] == 'On' ? 'https://(SSL cert SAN name) .com/itop/' : 'http://(server name)/itop/', to: 'app_root_url' => 'https://(SSL cert SAN name) .com/itop/', Then everything worked in HTTPS and clicking the Generate Token button actually created the token for my OAuth entry. Happy days. Thanks for all your help :-)

I am now working on getting HTTPS working and have installed a cert from ssls.com but this seems to be messing up the CSS again. I have changed the 'app_root_url' entry in the config file for the https to point to the DNS entry I made on the server to match the cert, but have so far left the HTTP as is because this is what people are still using internally. I think I may have to search SourceForge for this issue so I can solve it and return here if I still need to...

Sorry for the late reply. I've tried this, adding 'localhost' into the URL in place of the server name, but this has an odd effect on CSS (maybe) as there's now little squares everywhere and whilst the menu can be selected, it doesn't do anything. #FallingDowntheRabittHole! ;-)

Sorry - yes, this produces a more pertanent response: oauth_connect.js?t=1734947772.5539:47 Unsafe attempt to initiate navigation for frame with origin 'http://localhost' from frame with URL 'http://(redacted server name)/itop/pages/UI.php?operation=details&class=OAuthClientAzure&id=8&c[menu]=OAuthClient'. The frame attempting navigation is neither same-origin with the target, nor is it the target's parent or opener.

I thought that too. Nothing much on the OAuth page (see attached)

Well, I do see this when I hit F12 on the blank screen (after requesting to generate the access token): "Access to font at 'http://(redacted)/itop/css/font-combodo/combodo-webfont.woff2?v=2.1' from origin 'http://localhost' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.Understand this errorAI combodo-webfont.woff2:1 Failed to load resource: net::ERR_FAILED" (edited to say: I wonder if this is because the "Access to font at 'http://(redacted)'...

Well, I do see this when I hit F12 on the blank screen (after requesting to generate the access token): "Access to font at 'http://(redacted)/itop/css/font-combodo/combodo-webfont.woff2?v=2.1' from origin 'http://localhost' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.Understand this errorAI combodo-webfont.woff2:1 Failed to load resource: net::ERR_FAILED" There are several of these with slightly different values: Access to font at...

Hi Stephen FYI: iTop version 3.1.1-1-12561 built on 2023-12-19 10:53:23 MySQL: 8.0.37 PHP: 8.1.28