cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
shuhn1229
Helper I
Helper I

Unauthorized when sending from a shared inbox

Hi,

 

I have a flow that works in conjunction with powerapps. The user in powerapps supplies several key inputs which are transferred over to the flow. On the last step an email is sent from a shared inbox. When users who are not myself trigger the flow, the flow fails at the send email function with the error. If I trigger it, it works fine. I think this is due to a permissions error. Is there anyway around this?

 

Error from token exchange: Runtime call was blocked because connection has error status: Enabled| Error, and office365 is in the block list. Connection errors: [ParameterName: token, Error: Code: Unauthorized, Message: 'Failed to refresh access token for service: aadcertificate. Correlation Id=b8db4bdd-60f8-4baf-aa03-ff9514884a9a, UTC TimeStamp=9/16/2022 10:09:03 PM, Error: Failed to acquire token from AAD: {"error":"invalid_grant","error_description":"AADSTS700082: The refresh token has expired due to inactivity. The token was issued on 2022-06-16T00:43:50.2117454Z and was inactive for 90.00:00:00.\r\nTrace ID: 81abaaf4-2c67-477b-8238-0372ec992500\r\nCorrelation ID: 9964574d-2c06-4812-8388-2c308fe7ff70\r\nTimestamp: 2022-09-16 22:09:03Z","error_codes":[700082],"timestamp":"2022-09-16 22:09:03Z","trace_id":"81abaaf4-2c67-477b-8238-0372ec992500","correlation_id":"9964574d-2c06-4812-8388-2c308fe7ff70","error_uri":"https://login.windows.net/error?code=700082"}']

 

8 REPLIES 8
muralidharan
Resolver III
Resolver III

@shuhn1229 

Use a dedicated service account to send emails rather than associated with a person account. 

Please let me know , do you want to use the From address should be generic one(service account like app-name@company.com) or the currently logged user should be the sender yourname@companyname.com ?

 

Thanks,

Murali. 

 

 

David-
Solution Sage
Solution Sage

In your flow, edit the run only users. Then look for the credentials for Outlook.

Web capture_17-9-2022_141424_make.powerautomate.com.jpeg

Change it from Provided by run-only user to use this connection with your credentials. In this button flow, it gets all the groups the person who runs the flow is an owner of, which is why the Office 365 Groups action runs under the user's credentials. I send the e-mail with the list using a service account I can send from.

Hi,

 

I don't see any dropdown options when editing the connections.

 

error21.PNG

 

Steve

Based on what you said about users triggering the flow, I assumed your flow is a button flow. What is your trigger condition?

It is a button in powerapps.

 

Thanks

Steve

I don't use Power Apps, so I am guessing a button in Power Apps is not the same as an instant cloud flow (button flow). If that is the case, you may not be able to change the settings. 

I just checked  - it is instant.

 

Is it possible my org has restricted settings changes?

 

Steve

I don't think it is possible. However, Microsoft's documentation states that to share an instant cloud flow you must be the creator or owner and you must have a Power Automate license (except the free license) or a seeded license: Learn how to share a cloud flow with other users - Power Automate | Microsoft Learn

Helpful resources

Announcements
Microsoft 365 Conference – December 6-8, 2022

Microsoft 365 Conference – December 6-8, 2022

Join us in Las Vegas to experience community, incredible learning opportunities, and connections that will help grow skills, know-how, and more.

Users online (1,297)