Unanswered

Dreaded Failed to refresh access token for service error

(2) Share

Report

Posted on by Dean Gross

242

I am trying to the Get List of new PowerApps, Flows and Connectors template for the first time. I'm a Global admin in the O365 tenant. The Office 365 Users connection is giving me the subject error. It also states that the Refresh Token has expired due to inactivity. The token was issued on 2018-05-10 and was inactive for 90:00.

How can I use this template? I have used this account for many things in the tenant and in Flow during that time period so I don't understand why it gives the inactive error message.

Can someone please provide me some education so that I can explain how this works to my customers.

Categories:

Using flows

I have the same question (0)

All responses (4)

Answers (0)

v-bacao-msft Microsoft Employee on at

Like (3)

Report
Copy link

Link copied!

Hi @DLGross,

Could you show me error message and details?
Since Office 365 Users connection is giving the subject error and states that the Refresh Token has expired due to inactivity.
Please take a try to update Office 365 Users connection or create a new connection to see if the issue still exists.
add-manage-connections

Best Regards,
Barry

Was this reply helpful? Yes No
GabrielStJohn Microsoft Employee on at

Like (1)

Report
Copy link

Link copied!

Hey, @DLGross!

Thank you for posting on the Flow Community Forum! It appears as though @v-bacao-msft would like some more information in order to further assist you properly with your issue. Please share any additional information that was requested in order to decrease the amount of time that it will take for you to be assisted!

Thank you for being an active member of the Flow Community!

-Gabriel
Flow Community Manager

Was this reply helpful? Yes No
HEATFreight 1,024 on at

Like (0)

Report
Copy link

Link copied!
I got the QuickBooks Online API apparently working perfectly in a custom connector, but I have another API that is returning the following error:

Failed to refresh access token for service: oauth2. Correlation Id=..., UTC TimeStamp=..., Error: OAuth 2 access token refresh failed. Client ID and secret sent in form body.. Response status code=BadRequest. Response body: {"error":"invalid_grant"}

It seems that something is happening with the refresh token request that is causing it to fail, but that happens in the background. We have no visibility into that request or the response, the OAuth2 custom connector handles that for you and it just works. Or so it did with the QBO API. This other API is more stubborn and I suspect it has something to do with the way they want their requests formatted. I'm not sure what Postman settings would affect this, but for instance these three settings in Postman's >Authorization tab seem like possible culprits:

Add authorization data to [Request URL] vs. [Request Headers]

or

Authorize using browser [y/n]

or

Client Authentication [Send client credentials in body] vs. [Send as Basic Auth header]

I am using the exact settings in the broken custom connector as what I used for the working QuickBooks Online custom connector, except with the base URL, auth URL, token URL, refresh URL, request URLs, client ID, and client secret all being unique to each API obviously. Other than those, everything else is exactly the same. API #2 works great for 20 minutes and then its access token expires and I get that error above^.

Any Power Platform wizards out there? @v-bacao-msft

Here's my earlier post in a different thread

Was this reply helpful? Yes No
HEATFreight 1,024 on at

Like (2)

Report
Copy link

Link copied!

Halp...

Microsoft Support blames the 3rd party API. 3rd party blames custom connector.

Microsoft says no go for request logs from the custom connector, so impossible to troubleshoot bad request. Error returned by the connection is insufficient to diagnose problem, need a copy of the actual request as well. If we had a way to see the OAuth2 refresh token request that the custom connector performs automatically —beyond our visibility as Power Platform users— we could troubleshoot what is wrong with it. Probably comes down to an extra parameter that the affected API returns in the auth code flow POST request's response body, which is a long triple-backslash-escaped JSON string called "claims", which is actually to spec I believe. But since that's not present in the QuickBooks Online API, which is working perfectly as a custom connector, we believe the non-refreshing API is breaking Microsoft's custom connector. That API team, call them Example.com, is a very popular web service that probably millions of people rely on. I think their API is to spec in terms of OAuth2 implementation and REST API and whatnot, but I'm no expert. But this is the first time they said they've ever heard of anyone deploying this API integration via a Microsoft Power Platform custom connector. That's new to them.

They say they can't diagnose issue unless we can provide the failing request. Microsoft says no logs.

What do?

Was this reply helpful? Yes No