OAuth2 Office 365 invalid_grant

Moderator: crythias

Post Reply
sdlsystems
Znuny newbie
Posts: 4
Joined: 19 Aug 2022, 08:10
Znuny Version: 6.4
Real Name: Samuel Díaz

OAuth2 Office 365 invalid_grant

Post by sdlsystems »

Hi everyone and thanks for your help!


I'm traying to configure OAuth2 autentication on Znuny 6.4 with Office 365.

I have create the application on my tenant like Web Aplication, i have the correct RedirectURI, i see that i can do the login but i dont recive any token.
I recive the error:

Code: Select all

Backend ERROR: OTRS-CGI-59 Perl: 5.26.1 OS: linux Time: Fri Aug 19 10:01:17 2022

 Message: Error requesting token for token config ID 5 with authorization code 'XXXXXXXXXXXXXXXXXXX': invalid_grant.

 RemoteAddress: XXX.XXX.XXX.XXX
 RequestURI: /otrs/get-oauth2-token-by-authorization-code.pl?code=XXXXXXXXXXXXXXXXXXXX&state=TokenConfigID5&session_state=8c6bc3d3-9eba-4b9b-9918-69d4f15f665e

 Traceback (1284): 
   Module: Kernel::Output::HTML::Layout::Error Line: 1036
   Module: Kernel::Output::HTML::Layout::ErrorScreen Line: 1017
   Module: Kernel::Modules::AdminOAuth2TokenManagement::_RequestTokenByAuthorizationCode Line: 120
   Module: Kernel::Modules::AdminOAuth2TokenManagement::Run Line: 53
   Module: Kernel::System::Web::InterfaceAgent::Run Line: 1144
   Module: ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_get_2doauth2_2dtoken_2dby_2dauthorization_2dcode_2epl::handler Line: 52
   Module: (eval) (v1.99) Line: 207
   Module: ModPerl::RegistryCooker::run (v1.99) Line: 207
   Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 173
   Module: ModPerl::Registry::handler (v1.99) Line: 32
I think that its something wrong on my application configuration on the tenant... but i dont know what could be... any idea about what could be the problem?

Thank you and sorry that my first post was a request for help. :(
sdlsystems
Znuny newbie
Posts: 4
Joined: 19 Aug 2022, 08:10
Znuny Version: 6.4
Real Name: Samuel Díaz

Re: OAuth2 Office 365 invalid_grant

Post by sdlsystems »

Solved!

I have deleted and recreated the application in office365 and I have managed to receive the first token.

In case something similar happens to someone, I have only registered the Web type application.
After I have given the API permissions:
IMAP.AccessAsUser.All
offline_access
POP.AccessAsUser.All
SMTP.Send
User.Read

And finaly create a secret.

It's all... i dont know how it doesnt work before... :shock:
root
Administrator
Posts: 3934
Joined: 18 Dec 2007, 12:23
Znuny Version: Znuny and Znuny LTS
Real Name: Roy Kaldung
Company: Znuny
Contact:

Re: OAuth2 Office 365 invalid_grant

Post by root »

Hi,

invalid grant might indicate that you used another user when creating the token.

- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO

Use a test system - always.

Do you need professional services? Check out https://www.znuny.com/

Do you want to contribute or want to know where it goes ?
Post Reply