Telerik Forums / Fiddler

Fiddler blocks Office 365 from authenticating

1 Answer 2733 Views
Windows
Mog0
Top achievements
Rank 1
Mog0 asked on 07 Jun 2018, 04:14 PM

Hi

I've found that whenever fiddler is running on my PC (most of the time), Office 365 apps are unable to authenticate, for example, word can't access SharePoint 365 documents and OneNote can't sync notebooks stored on my OneDrive or on the SharePoint 365. They just keep prompting for my password. As soon as I close Fiddler, they authenticate and everything works again. Once authenticated, I can run Fiddler again and they keep working for a bit.

Is there anything I can do to Fiddler's settings to get it to ignore Office 365 traffic?

Thanks


1 Answer, 1 is accepted

Sort by
0
Alexander
Telerik team
answered on 13 Jun 2018, 09:45 AM
Hi,

Yes, you can. The proper way of doing this is to add Office 365 URLs which you want to be ignored as URLs for which Fiddler should be bypassed.

In order to do that go to Tools -> Options -> Connections. You will find a text box with label "Bypass Fiddler for URLs that start with" in the bottom right corner. This is a semicolon delimited list of URLs (and the default <-loopback> token) and support * as a wildcard. Based on my testing it seems that you have to add "*.office365.com", but I would suggest to confirm that this is the URL before adding it.

Please, keep in mind that this textbox actually controls Windows WinINET settings (you can check them by Tools -> WinINET options) and in order to take effect you have to detach and reattach Fiddler (File -> Capture traffic or F12).

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
David
Top achievements
Rank 1
commented on 24 Oct 2018, 09:27 PM

What about if you're specifically *trying* to capture 0365 SAML traffic? I'm trying to do just that and experience the same issue with Internet Explorer. I want to be able to see the HTTP redirects and with Fiddler running, it prompts for credentials and fails. Can it be done?
michael
Top achievements
Rank 1
commented on 29 Oct 2018, 12:03 PM

Hi. I am getting the same issue monitoring O365 traffic for the entire day. It works fine whilst the access token is valid but the part where the refresh token needs to request new access token that is failing somehow as you just get 401 unathorized from that point onwards. Please help!

 

 

Luke
Top achievements
Rank 1
commented on 16 Jun 2021, 11:52 AM | edited

I know this thread is old but running into the same problem here, was there ever a solution or is bypassing the office URL's the only way to get applications that use modern authentication to work?
Nick Iliev
Telerik team
commented on 17 Jun 2021, 07:28 AM

Hello Luke,

 

To be able to use any Office365 product, you need to have a proper network configuration as described by Microsoft. In the MS documentation, it appears that this is not a trivial job, and they even warn users not to bypass all office365 endpoints as this might lead to side-effects, decreased performance, and even temporary ban (server-side). That said, you could refer to this documentation article for details on how to set the proxy for Office365 and how to set the bypass list in Fiddler Classic.

https://docs.microsoft.com/en-us/microsoft-365/enterprise/managing-office-365-endpoints?view=o365-worldwide

 

Michael
Top achievements
Rank 1
commented on 10 Nov 2021, 07:31 PM

What if we're trying to capture Office 365 traffic with Fiddler?
Nick Iliev
Telerik team
commented on 11 Nov 2021, 10:33 AM

Office365 uses security techniques (like MTA-STS) that are aiming to prevent MITM attacked and the FIddler proxy is actually working exactly as a man-in-the-middle. Not sure if there is an applicable way, but you could try the proxy configuration as documented by Microsoft.
Tags
Windows
Asked by
Mog0
Top achievements
Rank 1
Answers by
Alexander
Telerik team
Share this question
or