OIDC issue with Microsoft Entra ID

Hello,

we have a small problem with OIDC. We have linked it with Microsoft Entra ID. The login also works more or less. The first time you click on "Sign in with OpenID Connect" you are logged in but you are redirected to the Xen Orchestra login page again. The second time you click on the login button you are redirected to the application as you would expect.

Login works with Chrome and Edge. With Firefox no login works at all, you are always just redirected to the login page.

Does anyone have any idea where the error is? There are no errors visible in the log.

Autodiscovery is activated. https://login.microsoftonline.com/ourtennantid/v2.0/

Hello,

tried to pass a config parameter to xo-server-auth-saml / passport-saml in xen orchestra, but it doesn't work.
Is this even possible? If it is, then how is it done correctly?
What I tried in /etc/xo-server/config.toml:

# Configuration for plugins
[plugins]
# Each configuration is passed to the dedicated plugin instance
#
# Syntax: [plugins.<pluginName>]

[plugins.auth-saml]
acceptedClockSkewMs = 60000

[plugins.xo-server-auth-saml]
acceptedClockSkewMs = 60000

[plugins.xo-server-auth-saml]
ctorOptions.acceptedClockSkewMs = 60000

[plugins.auth-saml]
ctorOptions.acceptedClockSkewMs = 60000

[plugins.passport-saml]
ctorOptions.acceptedClockSkewMs = 60000