Fiddler blocks Office 365 from authenticating

1 Answer 3438 Views

Windows

1 Answer, 1 is accepted

answered on 13 Jun 2018, 09:45 AM

Hi,

Yes, you can. The proper way of doing this is to add Office 365 URLs which you want to be ignored as URLs for which Fiddler should be bypassed.

In order to do that go to Tools -> Options -> Connections. You will find a text box with label "Bypass Fiddler for URLs that start with" in the bottom right corner. This is a semicolon delimited list of URLs (and the default <-loopback> token) and support * as a wildcard. Based on my testing it seems that you have to add "*.office365.com", but I would suggest to confirm that this is the URL before adding it.

Please, keep in mind that this textbox actually controls Windows WinINET settings (you can check them by Tools -> WinINET options) and in order to take effect you have to detach and reattach Fiddler (File -> Capture traffic or F12).

Regards,
Alexander
Progress Telerik

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items

David

commented on 24 Oct 2018, 09:27 PM

What about if you're specifically *trying* to capture 0365 SAML traffic? I'm trying to do just that and experience the same issue with Internet Explorer. I want to be able to see the HTTP redirects and with Fiddler running, it prompts for credentials and fails. Can it be done?

michael

commented on 29 Oct 2018, 12:03 PM

Hi. I am getting the same issue monitoring O365 traffic for the entire day. It works fine whilst the access token is valid but the part where the refresh token needs to request new access token that is failing somehow as you just get 401 unathorized from that point onwards. Please help!

Luke

commented on 16 Jun 2021, 11:52 AM | edited

I know this thread is old but running into the same problem here, was there ever a solution or is bypassing the office URL's the only way to get applications that use modern authentication to work?

Nick Iliev

commented on 17 Jun 2021, 07:28 AM

Hello Luke,

To be able to use any Office365 product, you need to have a proper network configuration as described by Microsoft. In the MS documentation, it appears that this is not a trivial job, and they even warn users not to bypass all office365 endpoints as this might lead to side-effects, decreased performance, and even temporary ban (server-side). That said, you could refer to this documentation article for details on how to set the proxy for Office365 and how to set the bypass list in Fiddler Classic.

https://docs.microsoft.com/en-us/microsoft-365/enterprise/managing-office-365-endpoints?view=o365-worldwide

Michael

commented on 10 Nov 2021, 07:31 PM

What if we're trying to capture Office 365 traffic with Fiddler?

Nick Iliev

commented on 11 Nov 2021, 10:33 AM

Office365 uses security techniques (like MTA-STS) that are aiming to prevent MITM attacked and the FIddler proxy is actually working exactly as a man-in-the-middle. Not sure if there is an applicable way, but you could try the proxy configuration as documented by Microsoft.