403 Client Error: Forbidden error returned when trying to connect to yammer OAuth from an application.

my primary goal: within my custom application, i'd like to use yammer oauth to authenticate users of an external network (as i could find no direct method to accomplish this, i've created a work around documented here).

my scenario is as follows: we have a primary network and an external network (going to refer to these as the 'beta networks'), which i have created for the purposes of beta testing a python based application. as a yammer network administrator, i've registered a client application with yammer (here), i believe on the primary network. using the resulting client secret and key, i can successfully connect my (python) application and allow users of the external network to OAuth with no problems.

for production, a second network setup exists, again consisting of an SSO enabled primary network and a (non-SSO) external network (going to refer to these as the 'production networks'). again, a client application has been registered with the primary network on the production networks. however, when i update my (python) application to use the production networks client secret/key, all attempts to oauth with an external user result in 403 Client Error: Forbidden.

on both the beta networks and production networks, the client app resistrations:

• are marked 'enabled',
• are 'published' to the yammer network (though neither are 'global').

the only difference between the beta and production networks that i know of is that production is SSO enabled. does this preclude using the oauth2 authentication process? is there some other setting required because of SSO?

thanks for any help.

Finally found a solution for this. If you want other users to have access to your network, you need to Globalize your app. For this you need to send a request to the Yammer helpdesk.