Support for Microsoft Identity platform with Azure provider #1231

@mvalenzisi

Description

At the moment the Azure provider supports only Azure Active Directory (v1.0) endpoints.
Version v1.0 is deprecated by Microsoft and not fully compliant with the OIDC protocol.

Expected Behavior

The azure provider should be able to retrieve a JWT token using the v2.0 endpoint.

Current Behavior

At the moment, if you use a v2.0 endpoint, you get the error:

AADSTS901002: The 'resource' request parameter is not supported.

Steps to Reproduce (for bugs)

This should be a working configuration:

provider: azure
azure-tenant: [REDACTED]
oidc-issuer-url: https://login.microsoftonline.com/[REDACTED]/v2.0
resource: 6dae42f8-4368-4678-94ff-3960e28e3630
set-xauthrequest: "true"

Your Environment

  • AKS managed AAD cluster
    Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.5", GitCommit:"9a45ba1752db920873e084791faff8d470278b09", GitTreeState:"clean", BuildDate:"2021-05-19T22:28:02Z", GoVersion:"go1.15.8", Compiler:"gc", Platform:"linux/amd64"}
  • oauth2-proxy: chart v3.3.2, application v7.1.3
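
The AADSTS901002 error reported above comes from sending `resource` to a v2.0 endpoint, which expects the target API inside `scope` instead. The sketch below is an added example, not code from the issue or from oauth2-proxy. The helper names, the placeholder tenant and client IDs, the callback URL and the `openid` base scope are assumptions.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// isV2Issuer reports whether an OIDC issuer URL points at the v2.0 endpoint.
func isV2Issuer(issuer string) bool {
	return strings.HasSuffix(strings.TrimRight(issuer, "/"), "/v2.0")
}

// authorizeURL is a hypothetical helper (not oauth2-proxy code). For a v1.0
// issuer it sends the target API as "resource"; for a v2.0 issuer it folds
// the same identifier into "scope" as "<resource>/.default" and never sends
// "resource", the parameter AADSTS901002 rejects.
func authorizeURL(tenant, issuer, clientID, redirectURI, resource, state string) string {
	q := url.Values{}
	q.Set("client_id", clientID)
	q.Set("response_type", "code")
	q.Set("redirect_uri", redirectURI)
	q.Set("state", state)
	base := "https://login.microsoftonline.com/" + url.PathEscape(tenant)
	scopes := []string{"openid"}
	if !isV2Issuer(issuer) {
		q.Set("scope", strings.Join(scopes, " "))
		if resource != "" {
			q.Set("resource", resource)
		}
		return base + "/oauth2/authorize?" + q.Encode()
	}
	if resource != "" {
		scopes = append(scopes, strings.TrimRight(resource, "/")+"/.default")
	}
	q.Set("scope", strings.Join(scopes, " "))
	return base + "/oauth2/v2.0/authorize?" + q.Encode()
}

func main() {
	const tenant = "TENANT_ID_PLACEHOLDER"             // placeholder; redacted on the page
	const res = "6dae42f8-4368-4678-94ff-3960e28e3630" // resource from the issue
	for _, iss := range []string{ // constructed issuer URLs: v1.0, then v2.0
		"https://sts.windows.net/" + tenant + "/",
		"https://login.microsoftonline.com/" + tenant + "/v2.0",
	} {
		fmt.Println(authorizeURL(tenant, iss, "CLIENT_ID_PLACEHOLDER",
			"https://app.example.test/oauth2/callback", res, "constructed-state"))
	}
}
```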
