Facebook Login Error: CSRF detected

I have to improve my answer.

After playing with FB and Google auth, I stay on Office365 login because of company policy.

When I moved my Discourse server behind a proxy (see the picture below), O365 auth became unavailable. It needs force https enabled, and this option is broken behind the proxy. Solved thankfully by Daniel: "Moved site behind proxy, favicon and header not using https anymore - #11 by rossierd".

The line in the Internal Nginx config

proxy_set_header X-Forwarded-Proto $scheme;

should be replaced with

proxy_set_header X-Forwarded-Proto "https";

External Nginx does not need such modification. It has:

proxy_set_header X-Forwarded-Proto $scheme;

Probably the same is right for FB, Google and other types of auth.

P.S.

Obviously that string contained a typo $ and was useless.

1 Like
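Added example, not part of the original post: the two-proxy chain described above, sketched as Nginx configuration with the header as each hop sets it. Host names, addresses, ports and certificate paths are placeholders, and the `allow`/`deny` lines are an assumption added here, because a hardcoded "https" makes the backend treat every request that reaches the internal proxy as secure, including one that arrived directly over plain HTTP.

```nginx
# The two server blocks belong to two separate Nginx instances.

# --- External Nginx: terminates TLS, so $scheme is "https" on this hop ---
server {
    listen 443 ssl;
    server_name forum.example.com;                        # placeholder
    ssl_certificate     /etc/ssl/example/fullchain.pem;   # placeholder
    ssl_certificate_key /etc/ssl/example/privkey.pem;     # placeholder

    location / {
        proxy_pass http://192.0.2.10:80;                  # internal Nginx (placeholder)
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;       # sends "https"
    }
}

# --- Internal Nginx: the hop from the external proxy is plain HTTP ---
server {
    listen 80;

    # Assumption added here: accept traffic only from the external proxy,
    # so that no direct plain-HTTP client gets labelled "https" below.
    allow 192.0.2.1;                                      # external proxy (placeholder)
    deny  all;

    location / {
        proxy_pass http://127.0.0.1:3000;                 # application (placeholder)
        proxy_set_header Host $http_host;

        # Before: $scheme is "http" on this hop, which overwrites the
        # "https" value received from the external proxy.
        # proxy_set_header X-Forwarded-Proto $scheme;

        # After (the change from the post): always report "https".
        proxy_set_header X-Forwarded-Proto "https";
    }
}
```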