cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
petere
Level: Powered On

Constant authentication issue with O365

I have setup a number of Flows that users O365 application (SharePoint, OWA, Dynamics), after a few days, Flows stop working due to authentication error (Error 401) and I need to re-connect the steps. This issue has happened a few times. Is this a known problem? Any workaround?

17 REPLIES 17
Community Support Team
Community Support Team

Re: Constant authentication issue with O365

Hi @petere,

 

Please take a look at the connections created under Microsoft Flow:

Manage connections in Microsoft Flow

Make sure the connections are all good.

Besides, there is thread talking about error 401 with tweet, see:

https://powerusers.microsoft.com/t5/Flow-Forum/Post-a-tweet-failing-with-a-401-Unauthorized-error-me...

And connections built under office 365 on my side works good till now, could you please share more details regarding the error message, and the Flow configuration?

Regards

Community Support Team _ Michael Shao
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
petere
Level: Powered On

Re: Constant authentication issue with O365

Thanks @v-micsh-msft.

 

I am waiting to reproduce the issue and paste it here. The issue is different from your referenced forums post and I believe it is to do with Office365 2FA. 2FA is enabled on all Our o365 accounts. It seems like every now and then the access token is revoked and Flow must get re-authorised.

petere
Level: Powered On

Re: Constant authentication issue with O365

Issue happened again acroos *all* Flows that are connected to our Office365 account. See the screenshot below

 

flow_auth_error.PNG

 

And here is the error message body JSON response:

{
  "status": 401,
  "message": "{\"error_description\":\"Invalid JWT token. The token is expired.\"}",
  "source": "https://XYZ.sharepoint.com/sites/Consulting ...",
  "errors": []
}

 

For me this looks like a authentication problem with Office365 2FA. I think the JWT token expires every 14 days or so and require re-authentication.

petere
Level: Powered On

Re: Constant authentication issue with O365

Any workaround for this issue? this is beining happening again on all O365 Flow connections.

Community Support Team
Community Support Team

Re: Constant authentication issue with O365

Hi @petere,

 

Apologize for the late response.

For the connections, is it available for you to update the Connection information through Microsoft Flow gear button->Connections to update the authentication information for the problematic connection?

76.PNG

Please check the Update Connection part in the following article:

https://flow.microsoft.com/en-us/documentation/add-manage-connections/

 

In addition, I will forward this and if there is any helpful information on this, I will post back.

Regards

Community Support Team _ Michael Shao
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
petere
Level: Powered On

Re: Constant authentication issue with O365

Yes and that is what I've been doing. every now and then the token expiers, so the Flow stops and I should update the connection. Here is the error message for O365 services (Outlook, CRM, ...).

 

"Failed to refresh access token for service: office365certificate. Correlation Id=83ad79e3-f50c-4766-aaaa-770f0e0f1b81, UTC TimeStamp = 2/5/2017 5:35:06 AM, Error: Failed to acquire token from AAD: AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000002-0000-0ff1-ce00-000000000000'. Trace ID: ac065f8c-8d54-402c-a20f-952fb4618aaf Correlation ID: c907c75f-e1a3-4069-9e12-f6afae6745f4 Timestamp: 2017-02-05 05:35:04Z "

ADiBi
Level: Powered On

Re: Constant authentication issue with O365

Same probleme here. Happens after 2FA-expiry.

This is very annoying, because one doesn't get a notification about a broken connection.

 

Best solution would be to circumvent 2FA after a successfull connection....

Mycosoft
Level: Powered On

Re: Constant authentication issue with O365

I am getting similar failures. I am running around 8 flows that use the same sharepoint connection and randomly some are succeding and some are failing with the get items: error_description":"Invalid JWT token. The token is expired.

daminsky
Level: Power Up

Re: Constant authentication issue with O365

Have you tried creating an App password for the Flow?

petere
Level: Powered On

Re: Constant authentication issue with O365

Yes, it doesn't let me to login using app password. Auth happens through MS SSO and it doesn't allow app passwords.

Poidah
Level: Power Up

Re: Constant authentication issue with O365

This error is popping up in a lot of blogs/forums.

 

It looks like if MFA is enabled then all accounts used to connect to SharePoint/Office365 services get locked out after the session timeout period. What happened to having a 'service account' for the services so this kind of thing doesn't happen?!

 

"Invalid JWT token. The token is expired"

grovercorner2
Level: Powered On

Re: Constant authentication issue with O365

Giving this post another boost, because this is only thread I can find on the topic. I have 2FA enabled, remembering re-authenticating every 14 days makes my app too unreliable. Also having this issue in Power BI.

 

Any solution to keep this connections permentely active until I change my password? Without turning off 2FA.

AdminINMotion
Level: Power Up

Re: Constant authentication issue with O365

Having this as an issue too with a weird variant. I've got a user that can get on in the web app and on his phone (post enabling MFA) but now his Outlook 2016 application in Windows 10 won't sync. Tried uninstalling and starting over and it won't even let us add the account there now and tell them "Something went wrong".

 

I can see in Azure AD that the attempt is referencing error 50076.

Dogbyte
Level: Powered On

Re: Constant authentication issue with O365

I have this issue as well, didnt know my flows were failing, until I looked and saw the failed connections. 

 

Is this meant to be used in production environments? I cant have flows all over the place that i have to "touch" every 14 days. That is not sustainable and dependable. What is the best practice used here? create a separate user account that have multi factor auth enabled? or setup another type of authentication between the app and the environment? 

Highlighted
Tanner
Level 8

Re: Constant authentication issue with O365

My team and I are also encountering this issue frequently today after not having seen it at all before. Our organization does not currently utilize 2FA/MFA for anything related to these accounts or other Microsoft products.

Yulia
Level: Powered On

Re: Constant authentication issue with O365

Same issue here. Need to reconnect every week due to 2FA.

Even worth that each connector needs to be reconnected separately at different time. As a workaround it would be great if you can go and reconnect to all connectors at once, and if you can do it before the expiry date. So, at least we can maintain connections manually.

 

I'm wondering what will happen to the running flows if in the middle of the running flow it gets disconected?

For example, user starts an approval flow, it successfully trigered and sent to the approver, then the approver doesn't approve it  within a week, meanwhile flow connections expire. What happens with the running flow? Does it fail? I guess by default it will not send any notifications about the issue.As result, nor the user requested approval, nor the approver know that connections are expired and the flow faild. This makes Flow very unreliable. 

 

Please address this issue asap.

helsby
Level: Powered On

Re: Constant authentication issue with O365

Same here with the Microsoft MFA account set up. The annoying thing is I don't even get notified that the authentication has failed until the weekly email comes through.

Using an app password does not work as the SSO detects that the browser supports MFA and therefore refuses to connect with an app password.

Helpful resources

Announcements
thirdimage

Power Automate Community User Group Member Badge

Fill out a quick form to claim your user group badge now!

firstImage

Incoming: New and improved badges!

We've given our badges an overhaul and also added some brand new ones!

fifthimage

Microsoft Learn

Learn how to build the business apps that you need.

sixthImage

Power Platform World Tour

Find out where you can attend!

seventhimage

Webinars & Video Gallery

Watch & learn from the Power Automate Community Video Gallery!

Users Online
Currently online: 305 members 5,759 guests
Please welcome our newest community members: