Support to fix Azure AD connection failure #3522

New Issue

Closed

opened 2026-02-05 06:58:18 +03:00 by OVERLORD · 4 comments

OVERLORD commented 2026-02-05 06:58:18 +03:00

Owner

Copy Link

Originally created by @fabionzn on GitHub (Feb 20, 2023).

Attempted Debugging

• I have read the debugging page

Searched GitHub Issues

• I have searched GitHub for the issue.

Describe the Scenario

Hi there,

I was not able, so far, to find a solution even with Microsoft support. I am trying to add as a third-party authentication Azure AD using vi docker image, current version 22.04, in Kubernetes, but even after reading and following the steps here (https://www.bookstackapp.com/docs/admin/third-party-auth/#azuread-microsoft) I keep getting, IMHO, a generic error from Azure AD and also I did not found anything different in Bookstack logs that help me out to fix it or, at least, a workaround.

The error says:

Error received during azure login: AADSTS650051: Invalid domain name in the request url. Trace ID: 37e3b829-0f00-4e42-96f9-9bfeb7090c00 Correlation ID: efd1e68f-5dfe-4175-b71a-1fd52794a9be Timestamp: 2023-02-17 13:06:33Z

My firsts thoughts were that error might be because of the docker image version that I was using and that I was trying to use localhost, but even after upgrading the version to a new one and using a valid URL domain or the same domain that I want to authenticate (I know that there is no need, but desperate times request desperate measures) returns this failure message. The BookStack documentation about how to configure did not show if there is any other dependency (such as more permissions) and Microsoft support believes that this might be an application issue. Reading the debug link (https://www.bookstackapp.com/docs/admin/debugging/) farthest that I was able to the laravel log below and change APP_DEBUG to true looks like that returns the same pieces of information.

At Azure the only thing that was not in the documentation is that we choose to use a single tenant (who works only for our organization), do you guys have any idea what is going on there?

Exact BookStack Version

22.04

Log Content

[2023-02-20 13:13:05] production.ERROR: Error received during azure login:
AADSTS650051: Invalid domain name in the request url.
Trace ID: 573eefdf-7345-4d07-a32e-89bd81045300
Correlation ID: 4cf42653-7ba0-4844-9647-ab568ccdea0b
Timestamp: 2023-02-20 13:13:04Z {"exception":"[object] (BookStack\\Exceptions\\SocialSignInException(code: 0): Error received during azure login:
AADSTS650051: Invalid domain name in the request url.

Trace ID: 573eefdf-7345-4d07-a32e-89bd81045300

Correlation ID: 4cf42653-7ba0-4844-9647-ab568ccdea0b

Timestamp: 2023-02-20 13:13:04Z at /var/www/bookstack/app/Http/Controllers/Auth/SocialController.php:78)
[stacktrace]
#0 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): BookStack\\Http\\Controllers\\Auth\\SocialController->callback(Object(BookStack\\Http\\Request), 'azure')
#1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\\Routing\\Controller->callAction('callback', Array)
#2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(261): Illuminate\\Routing\\ControllerDispatcher->dispatch(Object(Illuminate\\Routing\\Route), Object(BookStack\\Http\\Controllers\\Auth\\SocialController), 'callback')
#3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\\Routing\\Route->runController()
#4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\\Routing\\Route->run()
#5 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}(Object(BookStack\\Http\\Request))
#6 /var/www/bookstack/app/Http/Middleware/Localization.php(45): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#7 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\Localization->handle(Object(BookStack\\Http\\Request), Object(Closure))
#8 /var/www/bookstack/app/Http/Middleware/RunThemeActions.php(26): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#9 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\RunThemeActions->handle(Object(BookStack\\Http\\Request), Object(Closure))
#10 /var/www/bookstack/app/Http/Middleware/CheckEmailConfirmed.php(47): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#11 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\CheckEmailConfirmed->handle(Object(BookStack\\Http\\Request), Object(Closure))
#12 /var/www/bookstack/app/Http/Middleware/PreventAuthenticatedResponseCaching.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#13 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\PreventAuthenticatedResponseCaching->handle(Object(BookStack\\Http\\Request), Object(Closure))
#14 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#15 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\VerifyCsrfToken->handle(Object(BookStack\\Http\\Request), Object(Closure))
#16 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#17 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\View\\Middleware\\ShareErrorsFromSession->handle(Object(BookStack\\Http\\Request), Object(Closure))
#18 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#19 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\\Session\\Middleware\\StartSession->handleStatefulRequest(Object(BookStack\\Http\\Request), Object(Illuminate\\Session\\Store), Object(Closure))
#20 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Session\\Middleware\\StartSession->handle(Object(BookStack\\Http\\Request), Object(Closure))
#21 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#22 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse->handle(Object(BookStack\\Http\\Request), Object(Closure))
#23 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#24 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Cookie\\Middleware\\EncryptCookies->handle(Object(BookStack\\Http\\Request), Object(Closure))
#25 /var/www/bookstack/app/Http/Middleware/ApplyCspRules.php(33): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#26 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\ApplyCspRules->handle(Object(BookStack\\Http\\Request), Object(Closure))
#27 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#28 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(719): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#29 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(BookStack\\Http\\Request))
#30 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRoute(Object(BookStack\\Http\\Request), Object(Illuminate\\Routing\\Route))
#31 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\\Routing\\Router->dispatchToRoute(Object(BookStack\\Http\\Request))
#32 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\\Routing\\Router->dispatch(Object(BookStack\\Http\\Request))
#33 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(BookStack\\Http\\Request))
#34 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#35 /var/www/bookstack/app/Http/Middleware/TrustProxies.php(41): Illuminate\\Http\\Middleware\\TrustProxies->handle(Object(BookStack\\Http\\Request), Object(Closure))
#36 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\TrustProxies->handle(Object(BookStack\\Http\\Request), Object(Closure))
#37 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#38 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(BookStack\\Http\\Request), Object(Closure))
#39 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TrimStrings->handle(Object(BookStack\\Http\\Request), Object(Closure))
#40 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#41 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(BookStack\\Http\\Request), Object(Closure))
#42 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#43 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\PreventRequestsDuringMaintenance->handle(Object(BookStack\\Http\\Request), Object(Closure))
#44 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request))
#45 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#46 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(BookStack\\Http\\Request))
#47 /var/www/bookstack/public/index.php(52): Illuminate\\Foundation\\Http\\Kernel->handle(Object(BookStack\\Http\\Request))
#48 {main}
"}

PHP Version

8.2.2

Hosting Environment

Following Dockerfile, since is under Kubernetes the volumes values and the access to it were configured in the cluster:

FROM solidnerd/bookstack:22.04

ARG DB_HOST
ARG DB_DATABASE
ARG DB_USERNAME
ARG DB_PASSWORD
ARG APP_URL
ARG AZURE_APP_ID
ARG AZURE_APP_SECRET
ARG AZURE_TENANT

ENV DB_HOST=${DB_HOST} \
    DB_DATABASE=${DB_DATABASE} \
    DB_USERNAME=${DB_USERNAME} \
    DB_PASSWORD=${DB_PASSWORD} \
    APP_URL=${APP_URL} \
    AZURE_APP_ID=${AZURE_APP_ID} \
    AZURE_APP_SECRET=${AZURE_APP_SECRET} \
    AZURE_TENANT=${AZURE_TENANT}

EXPOSE 8080

Originally created by @fabionzn on GitHub (Feb 20, 2023). ### Attempted Debugging - [X] I have read the debugging page ### Searched GitHub Issues - [X] I have searched GitHub for the issue. ### Describe the Scenario Hi there, I was not able, so far, to find a solution even with Microsoft support. I am trying to add as a third-party authentication Azure AD using vi docker image, current version 22.04, in Kubernetes, but even after reading and following the steps here (https://www.bookstackapp.com/docs/admin/third-party-auth/#azuread-microsoft) I keep getting, IMHO, a generic error from Azure AD and also I did not found anything different in Bookstack logs that help me out to fix it or, at least, a workaround. The error says: ``` Error received during azure login: AADSTS650051: Invalid domain name in the request url. Trace ID: 37e3b829-0f00-4e42-96f9-9bfeb7090c00 Correlation ID: efd1e68f-5dfe-4175-b71a-1fd52794a9be Timestamp: 2023-02-17 13:06:33Z ``` My firsts thoughts were that error might be because of the docker image version that I was using and that I was trying to use localhost, but even after upgrading the version to a new one and using a valid URL domain or the same domain that I want to authenticate (I know that there is no need, but desperate times request desperate measures) returns this failure message. The BookStack documentation about how to configure did not show if there is any other dependency (such as more permissions) and Microsoft support believes that this might be an application issue. Reading the debug link (https://www.bookstackapp.com/docs/admin/debugging/) farthest that I was able to the laravel log below and change APP_DEBUG to true looks like that returns the same pieces of information. At Azure the only thing that was not in the documentation is that we choose to use a single tenant (who works only for our organization), do you guys have any idea what is going on there? ### Exact BookStack Version 22.04 ### Log Content ``` [2023-02-20 13:13:05] production.ERROR: Error received during azure login: AADSTS650051: Invalid domain name in the request url. Trace ID: 573eefdf-7345-4d07-a32e-89bd81045300 Correlation ID: 4cf42653-7ba0-4844-9647-ab568ccdea0b Timestamp: 2023-02-20 13:13:04Z {"exception":"[object] (BookStack\\Exceptions\\SocialSignInException(code: 0): Error received during azure login: AADSTS650051: Invalid domain name in the request url. Trace ID: 573eefdf-7345-4d07-a32e-89bd81045300 Correlation ID: 4cf42653-7ba0-4844-9647-ab568ccdea0b Timestamp: 2023-02-20 13:13:04Z at /var/www/bookstack/app/Http/Controllers/Auth/SocialController.php:78) [stacktrace] #0 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): BookStack\\Http\\Controllers\\Auth\\SocialController->callback(Object(BookStack\\Http\\Request), 'azure') #1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\\Routing\\Controller->callAction('callback', Array) #2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(261): Illuminate\\Routing\\ControllerDispatcher->dispatch(Object(Illuminate\\Routing\\Route), Object(BookStack\\Http\\Controllers\\Auth\\SocialController), 'callback') #3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\\Routing\\Route->runController() #4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\\Routing\\Route->run() #5 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}(Object(BookStack\\Http\\Request)) #6 /var/www/bookstack/app/Http/Middleware/Localization.php(45): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #7 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\Localization->handle(Object(BookStack\\Http\\Request), Object(Closure)) #8 /var/www/bookstack/app/Http/Middleware/RunThemeActions.php(26): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #9 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\RunThemeActions->handle(Object(BookStack\\Http\\Request), Object(Closure)) #10 /var/www/bookstack/app/Http/Middleware/CheckEmailConfirmed.php(47): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #11 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\CheckEmailConfirmed->handle(Object(BookStack\\Http\\Request), Object(Closure)) #12 /var/www/bookstack/app/Http/Middleware/PreventAuthenticatedResponseCaching.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #13 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\PreventAuthenticatedResponseCaching->handle(Object(BookStack\\Http\\Request), Object(Closure)) #14 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #15 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\VerifyCsrfToken->handle(Object(BookStack\\Http\\Request), Object(Closure)) #16 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #17 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\View\\Middleware\\ShareErrorsFromSession->handle(Object(BookStack\\Http\\Request), Object(Closure)) #18 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #19 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\\Session\\Middleware\\StartSession->handleStatefulRequest(Object(BookStack\\Http\\Request), Object(Illuminate\\Session\\Store), Object(Closure)) #20 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Session\\Middleware\\StartSession->handle(Object(BookStack\\Http\\Request), Object(Closure)) #21 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #22 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse->handle(Object(BookStack\\Http\\Request), Object(Closure)) #23 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #24 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Cookie\\Middleware\\EncryptCookies->handle(Object(BookStack\\Http\\Request), Object(Closure)) #25 /var/www/bookstack/app/Http/Middleware/ApplyCspRules.php(33): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #26 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\ApplyCspRules->handle(Object(BookStack\\Http\\Request), Object(Closure)) #27 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #28 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(719): Illuminate\\Pipeline\\Pipeline->then(Object(Closure)) #29 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(BookStack\\Http\\Request)) #30 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRoute(Object(BookStack\\Http\\Request), Object(Illuminate\\Routing\\Route)) #31 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\\Routing\\Router->dispatchToRoute(Object(BookStack\\Http\\Request)) #32 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\\Routing\\Router->dispatch(Object(BookStack\\Http\\Request)) #33 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(BookStack\\Http\\Request)) #34 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #35 /var/www/bookstack/app/Http/Middleware/TrustProxies.php(41): Illuminate\\Http\\Middleware\\TrustProxies->handle(Object(BookStack\\Http\\Request), Object(Closure)) #36 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\\Http\\Middleware\\TrustProxies->handle(Object(BookStack\\Http\\Request), Object(Closure)) #37 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #38 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(BookStack\\Http\\Request), Object(Closure)) #39 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TrimStrings->handle(Object(BookStack\\Http\\Request), Object(Closure)) #40 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #41 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(BookStack\\Http\\Request), Object(Closure)) #42 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #43 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\PreventRequestsDuringMaintenance->handle(Object(BookStack\\Http\\Request), Object(Closure)) #44 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(BookStack\\Http\\Request)) #45 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\\Pipeline\\Pipeline->then(Object(Closure)) #46 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(BookStack\\Http\\Request)) #47 /var/www/bookstack/public/index.php(52): Illuminate\\Foundation\\Http\\Kernel->handle(Object(BookStack\\Http\\Request)) #48 {main} "} ``` ### PHP Version 8.2.2 ### Hosting Environment Following Dockerfile, since is under Kubernetes the volumes values and the access to it were configured in the cluster: ``` FROM solidnerd/bookstack:22.04 ARG DB_HOST ARG DB_DATABASE ARG DB_USERNAME ARG DB_PASSWORD ARG APP_URL ARG AZURE_APP_ID ARG AZURE_APP_SECRET ARG AZURE_TENANT ENV DB_HOST=${DB_HOST} \ DB_DATABASE=${DB_DATABASE} \ DB_USERNAME=${DB_USERNAME} \ DB_PASSWORD=${DB_PASSWORD} \ APP_URL=${APP_URL} \ AZURE_APP_ID=${AZURE_APP_ID} \ AZURE_APP_SECRET=${AZURE_APP_SECRET} \ AZURE_TENANT=${AZURE_TENANT} EXPOSE 8080 ```

OVERLORD added the 🐕 Support label 2026-02-05 06:58:18 +03:00

OVERLORD closed this issue 2026-02-05 06:58:22 +03:00

OVERLORD commented 2026-02-05 06:58:28 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Feb 20, 2023):

Hi @fabionzn,

• When defining AZURE_* environment values for BookStack, do these contain any curly braces at the start or end?
• Are you 100% sure the tennant value is correct? If so, could you screenshot the exact area within AzureAD where you are getting the value from? (Can blur/blank out the actual value).
• Could you share an anonymised copy of the AZURE_TENANT you are setting? Just for checking format against expectations.

Just as an additional note, if you're intending to use BookStack in an environment where all users are expected to access via AzureAD accounts, the OIDC/SAML2 authentication options can generally provide a better user experience as a primary authentication method.

@ssddanbrown commented on GitHub (Feb 20, 2023): Hi @fabionzn, - When defining `AZURE_*` environment values for BookStack, do these contain any curly braces at the start or end? - Are you 100% sure the tennant value is correct? If so, could you screenshot the exact area within AzureAD where you are getting the value from? (Can blur/blank out the actual value). - Could you share an anonymised copy of the `AZURE_TENANT` you are setting? Just for checking format against expectations. Just as an additional note, if you're intending to use BookStack in an environment where **_all_** users are expected to access via AzureAD accounts, the OIDC/SAML2 authentication options can generally provide a better user experience as a primary authentication method.

OVERLORD commented 2026-02-05 06:58:35 +03:00

Author

Owner

Copy Link

@fabionzn commented on GitHub (Feb 21, 2023):

Hi @ssddanbrown,
about your questions:

• All values are been sent through ARG and I believe that all values are between the correct braces, at least requesting the server to return those variables all 3 have it.
  
• I hope so, but your question makes me doubt my memory 😓, but I got those values from here
  
• I am not sure if I understand your request you mean the variable value in the image or the value formation?
  • To the first the variable value is {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
  • To the second the format that I got from Azure is xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

I will take your option to my superiors, but as far as I understand the idea it is to allow all users (current and new ones) of the company that I work to connect using AzureAD and eventually attach the SSO function since all devices will be migrated to AzureAD.

@fabionzn commented on GitHub (Feb 21, 2023): Hi @ssddanbrown, about your questions: - All values are been sent through ARG and I believe that all values are between the correct braces, at least requesting the server to return those variables all 3 have it.  - I hope so, but your question makes me doubt my memory 😓, but I got those values from here  - I am not sure if I understand your request you mean the variable value in the image or the value formation? - To the first the variable value is **_{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}_** - To the second the format that I got from Azure is **_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx_** I will take your option to my superiors, but as far as I understand the idea it is to allow all users (current and new ones) of the company that I work to connect using AzureAD and eventually attach the SSO function since all devices will be migrated to AzureAD.

OVERLORD commented 2026-02-05 06:58:41 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Feb 21, 2023):

Thank for the detail @fabionzn.

Please remove the surrounding {} curly brackets from all of your AZURE_* Env values. The values should not have surrounding curly braces.

@ssddanbrown commented on GitHub (Feb 21, 2023): Thank for the detail @fabionzn. Please remove the surrounding `{}` curly brackets from all of your `AZURE_*` Env values. The values should not have surrounding curly braces.

OVERLORD commented 2026-02-05 06:58:47 +03:00

Author

Owner

Copy Link

@fabionzn commented on GitHub (Feb 22, 2023):

Hail @ssddanbrown,

clearly and of course that's the only test that I hadn't tried 😅
Fornatuelly, all data used was right and there was progress, but I still need to do a little more to make it work and the list (considering even the braces "issue") is:

1. Remove braces from values as recommended if you want to use environment variables and not the '.env' file, I was able to test right now and get the same "issue" if someone chooses to export the values with braces;
2. Add a variable that enables auto register, found here
3. In settings/registration you need to mark 'Enable Registration', found nowhere the error says that I need to enable it🤣
   1. You can restrict adding your domain, for example, mydomain.com in 'Domain Restriction';
      1. Since I use 'Domain Restriction' I need to add some MAIL_* variables to Laravel, if I understand correctly, send the e-mail with the confirmation link using this passing thought here.

Not sure if this might help someone in the future @ssddanbrown, but would be nice to pass this information to someone to update the this section considering the docker and export variables in a server with Linux.

Since the docker image works by itself I need to care only with docker arguments and to anyone that gets here, my Dockerfile was like this:

FROM solidnerd/bookstack:23.1

ARG SERVICE
ARG MAIL_HOST
ARG MAIL_PORT
ARG MAIL_USERNAME
ARG MAIL_PASSWORD
ARG MAIL_ENCRYPTION
ARG MAIL_FROM_NAME
ARG DB_HOST
ARG DB_DATABASE
ARG DB_USERNAME
ARG DB_PASSWORD
ARG APP_URL
ARG AZURE_APP_ID
ARG AZURE_APP_SECRET
ARG AZURE_TENANT

ENV ${SERVICE}_AUTO_REGISTER=true \
    MAIL_DRIVER=smtp \
    MAIL_HOST=${MAIL_HOST} \
    MAIL_PORT=${MAIL_PORT} \
    MAIL_USERNAME=${MAIL_USERNAME} \
    MAIL_PASSWORD=${MAIL_PASSWORD} \
    MAIL_ENCRYPTION=${MAIL_ENCRYPTION} \
    MAIL_FROM_NAME=${MAIL_FROM_NAME} \
    DB_HOST=${DB_HOST} \
    DB_DATABASE=${DB_DATABASE} \
    DB_USERNAME=${DB_USERNAME} \
    DB_PASSWORD=${DB_PASSWORD} \
    APP_URL=${APP_URL} \
    AZURE_APP_ID=${AZURE_APP_ID} \
    AZURE_APP_SECRET=${AZURE_APP_SECRET} \
    AZURE_TENANT=${AZURE_TENANT}

EXPOSE 8080

So far I believe that it works so I'll close this "issue" and thank you a lot @ssddanbrown.

P.S. I use this ${SERVICE}_AUTO_REGISTER since you can change "any moment" which service you wanna enable the auto register, in my head looks logical this option🤣
P.S.S. I am using this over a Kubernetes instance so the volume configuration was made using YAML files as, for now, NFS connection like this:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: nfs-pv-bookstack-storage
spec:
  storageClassName: manual
  capacity:
    storage: 20Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: PATH
    server:  SERVER_IP
    readOnly: false
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: nfs-pv-bookstack-public
spec:
  storageClassName: manual
  capacity:
    storage: 20Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: PATH
    server:  SERVER_IP
    readOnly: false
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nfs-pvc-bookstack-storage
spec:
  storageClassName: "manual"
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: "20Gi"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nfs-pvc-bookstack-public
spec:
  storageClassName: "manual"
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: "20Gi"

@fabionzn commented on GitHub (Feb 22, 2023): Hail @ssddanbrown, clearly and of course that's the only test that I hadn't tried 😅 Fornatuelly, all data used was right and there was progress, but I still need to do a little more to make it work and the list (considering even the braces "issue") is: 1. Remove braces from values as recommended if you want to use environment variables and not the '.env' file, I was able to test right now and get the same "issue" if someone chooses to export the values with braces; 2. Add a variable that enables auto register, found [here](https://github.com/BookStackApp/BookStack/issues/3437) 3. In settings/registration you need to mark 'Enable Registration', found nowhere the error says that I need to enable it🤣 1. You can restrict adding your domain, for example, mydomain.com in 'Domain Restriction'; 1. Since I use 'Domain Restriction' I **need** to add some MAIL_* variables to Laravel, if I understand correctly, send the e-mail with the confirmation link using [this](https://stackoverflow.com/questions/32515245/how-to-to-send-mail-using-gmail-in-laravel/38197222#38197222) passing thought [here](https://github.com/BookStackApp/BookStack/issues/765). Not sure if this might help someone in the future @ssddanbrown, but would be nice to pass this information to someone to update the [this](https://www.bookstackapp.com/docs/admin/third-party-auth/) section considering the docker and export variables in a server with Linux. Since the docker image works by itself I need to care only with docker arguments and to anyone that gets here, my Dockerfile was like this: ``` FROM solidnerd/bookstack:23.1 ARG SERVICE ARG MAIL_HOST ARG MAIL_PORT ARG MAIL_USERNAME ARG MAIL_PASSWORD ARG MAIL_ENCRYPTION ARG MAIL_FROM_NAME ARG DB_HOST ARG DB_DATABASE ARG DB_USERNAME ARG DB_PASSWORD ARG APP_URL ARG AZURE_APP_ID ARG AZURE_APP_SECRET ARG AZURE_TENANT ENV ${SERVICE}_AUTO_REGISTER=true \ MAIL_DRIVER=smtp \ MAIL_HOST=${MAIL_HOST} \ MAIL_PORT=${MAIL_PORT} \ MAIL_USERNAME=${MAIL_USERNAME} \ MAIL_PASSWORD=${MAIL_PASSWORD} \ MAIL_ENCRYPTION=${MAIL_ENCRYPTION} \ MAIL_FROM_NAME=${MAIL_FROM_NAME} \ DB_HOST=${DB_HOST} \ DB_DATABASE=${DB_DATABASE} \ DB_USERNAME=${DB_USERNAME} \ DB_PASSWORD=${DB_PASSWORD} \ APP_URL=${APP_URL} \ AZURE_APP_ID=${AZURE_APP_ID} \ AZURE_APP_SECRET=${AZURE_APP_SECRET} \ AZURE_TENANT=${AZURE_TENANT} EXPOSE 8080 ``` So far I believe that it works so I'll close this "issue" and thank you a lot @ssddanbrown. P.S. I use this ${SERVICE}_AUTO_REGISTER since you can change "any moment" which service you wanna enable the auto register, in my head looks logical this option🤣 P.S.S. I am using this over a Kubernetes instance so the volume configuration was made using YAML files as, for now, NFS connection like this: ``` apiVersion: v1 kind: PersistentVolume metadata: name: nfs-pv-bookstack-storage spec: storageClassName: manual capacity: storage: 20Gi accessModes: - ReadWriteMany nfs: path: PATH server: SERVER_IP readOnly: false --- apiVersion: v1 kind: PersistentVolume metadata: name: nfs-pv-bookstack-public spec: storageClassName: manual capacity: storage: 20Gi accessModes: - ReadWriteMany nfs: path: PATH server: SERVER_IP readOnly: false --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: nfs-pvc-bookstack-storage spec: storageClassName: "manual" accessModes: - ReadWriteMany resources: requests: storage: "20Gi" --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: nfs-pvc-bookstack-public spec: storageClassName: "manual" accessModes: - ReadWriteMany resources: requests: storage: "20Gi" ```

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

l10n_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label 🐕 Support

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#3522