Outlook Integration error

I am using connected system with Oauth2.0 to connect to office365 and get the calendars i m able to authorize using connected system however when testing the base url I get the below error

Invalid credentials

Appian was not able to authenticate with the access token you provided. This request requires Bearer authentication. HTTP/1.1 401 Unauthorized Next Steps

  • This integration is using a connected system with OAuth 2.0 authentication configured. You may need to authorize access to the external system and retry the request.
  • Make sure that you are using the correct OAuth 2.0 configuration for this external system
  • Make sure that the OAuth 2.0 configuration provides the required scope to make this request
  • Check the request and response for more details
  • Review the external systems documentation for information on what may have caused the problem

When i run the authorization its executes successfully.  Has any one seen this issue before or can someone share the Oauth2.0 configuration related to outlook ( For outlook defining a scope is mandatory)

  Discussion posts and replies are publicly visible

Parents Reply Children
  • Thanks Steve, Yes, I've tested Azure AD Graph API functions using Postman outside Appian, it's successful.

    Created the HTTP connected system object with inputs ClientID, Client Secret and Token Request Endpoint - Authentication: OAuth 2.0 client credentials Grant. - Tested using "Authorize" button. "Authorization Successful".

    However, when testing Integration Object using above HTTP connected system object, getting an below error. Any suggestions pls? Thanks.

    Invalid credentials

    error-result-guidance

    Appian was not able to authenticate with the access token you provided. This request requires Bearer authentication. HTTP/1.1 401 Unauthorized Next Steps

    • This integration is using a connected system with OAuth 2.0 Client Credential authentication configured. You may need to authorize access to the external system and retry the request.
    • Make sure that you are using the correct OAuth 2.0 configuration for this external system
    • Make sure that the OAuth 2.0 configuration provides the required scope to make this request
    • Check the request and response for more details
    • Review the external system’s documentation for information on what may have caused the problem

    HTTP Request:

    GET /v1.0/users HTTP/1.1 Authorization: Bearer ****** Host: graph.microsoft.com Connection: Keep-Alive User-Agent: Appian Accept-Encoding: gzip,deflate

    HTTP Response:

    HTTP/1.1 401 Unauthorized Date: Sun, 04 Jul 2021 05:36:22 GMT Content-Type: application/json Transfer-Encoding: chunked Vary: Accept-Encoding WWW-Authenticate: Bearer realm="", authorization_uri="">login.microsoftonline.com/.../authorize", client_id="00000003-0000-0000-c000-000000000000" Strict-Transport-Security: max-age=31536000 request-id: ef4ec847-5229-4ff6-b9c7-fc8586a7bba9 client-request-id: ef4ec847-5229-4ff6-b9c7-fc8586a7bba9 x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"3","ScaleUnit":"000","RoleInstance":"LN2PEPF00003306"}}

    {"error":{"code":"InvalidAuthenticationToken","message":"Access token validation failure. Invalid audience.","innerError":{"date":"2021-07-04T05:36:23","request-id":"ef4ec847-5229-4ff6-b9c7-fc8586a7bba9","client-request-id":"ef4ec847-5229-4ff6-b9c7-fc8586a7bba9"}}}

  • Hi Steve,

    Alternatively, I've tried the suggested approaches on the above chain. i.e.  Integration 1 and Integration 2.

    Integration 1 is successful. However, Integration 2 displaying an below error as shown below.  Not sure what needs to be followed here... Could you please suggest on this? - Thanks.

    Authentication is required

    error-result-guidance

    This request requires Bearer authentication, but no access token was provided HTTP/1.1 401 Unauthorized Next Steps

    • Bearer authentication typically means OAuth 2.0. Configure a connected system with OAuth 2.0 Authorization Code or Client Credential authentication and retry the request.
    • Check the request and response for more details
    • Review the external system’s documentation for information on what may have caused the problem

    {"error":{"code":"InvalidAuthenticationToken","message":"Access token validation failure. Invalid audience.","innerError":{"date":"2021-07-06T15:54:46","request-id":"10a8a3ad-dummy-41d0-a396-e51d854a83be","client-request-id":"10a8xyz123-2b17-41d0-a396-e51d854a83be"}}}

  • This has been fixed by adding the parameter "resource=https://graph.microsoft.com" on the request body.

    However, still wondering why its not possible to achieve using HTTP connected system object. 

    Update: 

    Thanks Tim / Steve, 

    Connected System object Graph integration issue has been fixed with the parameters Scope https://graph.microsoft.com/.default and “OAuth 2.0 token endpoint (v2). (In case of Azure AD personal a/c).