We have a similar issue. Flows working fine. Added Conditional Access to require MFA and failures started the next morning.
- User MFA's to site
- Flow starts in PowerApps
- First failure is at action "SharePoint Get Item"
- Same user submits another request - will succeed at "Get Item" but fail at "Outlook Send Mail"
Doesn't happen for every user. Trying to address this before larger scale rollout of the Conditional Access policy.
Error:
{
"statusCode": 401,
"headers": {
"x-ms-failure-cause": "apihub-token-exchange",
"x-ms-apihub-obo": "false",
"x-ms-apihub-cached-response": "false",
"Date": "Thu, 01 Aug 2024 19:08:02 GMT",
"Content-Length": "1451",
"Content-Type": "application/json"
},
"body": {
"status": 401,
"source": "https://power-te-westus-3.azurewebsites.net:443/tokens/msmanaged-na/sharepointonline/c49631cb29684065bea5ad0a87cef990/exchange",
"message": "Error from token exchange: Runtime call was blocked because connection has error status: Enabled| Error, and sharepointonline is in the block list. Connection errors: [ParameterName: token, Error: Code: Unauthorized, Message: 'Failed to refresh access token for service: sharepointonlinecertificatev2. Correlation Id=61815f98-ecf8-4853-8a72-307657d913f7, UTC TimeStamp=8/1/2024 7:08:01 PM, Error: Failed to acquire token from AAD: {\"error\":\"interaction_required\",\"error_description\":\"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000003-0000-0000-c000-000000000000'. Trace ID: af2794b2-a615-4072-86b4-5ec8f3a80400 Correlation ID: ce9cfc38-e930-4b59-ab65-c059688eb639 Timestamp: 2024-08-01 19:08:01Z\",\"error_codes\":[50076],\"timestamp\":\"2024-08-01 19:08:01Z\",\"trace_id\":\"af2794b2-a615-4072-86b4-5ec8f3a80400\",\"correlation_id\":\"ce9cfc38-e930-4b59-ab65-c059688eb639\",\"error_uri\":\"https://login.windows.net/error?code=50076\",\"suberror\":\"basic_action\",\"claims\":\"{\\\"access_token\\\":{\\\"capolids\\\":{\\\"essential\\\":true,\\\"values\\\":[\\\"d2bbccbb-213a-4b45-8422-7b366363d8d4\\\",\\\"a03b209c-0ca4-40ba-859c-d1329a741f1c\\\"]}}}\"}']"
}
}