cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
DerekH_AU
Frequent Visitor

Generic Oauth 2 connector not refreshing access or refresh tokens

Hi all,

 

I am building a custom connector to make a couple of calls into the MYOB AccountRight API (https://developer.myob.com/api/accountright/api-overview/authentication/) and everything works, except that Power Automate doesn't seem to be refreshing the access/refresh token (and it did last time I looked at this a couple of months ago). The access token expires after 20 minutes and the refresh token after 7 days. I manually fix the connection, but within 20 minutes, it no longer connects and requires fixing again. 

 

I have noted as well that the custom connector security screen shows all the values except the Refresh URL, which is empty but mandatory. Even if I update the connection details to include the refresh URL, it doesn't have any impact and the value is cleared after updating the connector.

 

The connection details are:

ID Provider: Generic Oauth 2

Client ID: xnxx6js6mv2krartysp9ddkt

Authorization URL: https://secure.myob.com/oauth2/account/authorize

Token URL: https://secure.myob.com/oauth2/v1/authorize 

Refresh URL should be: https://secure.myob.com/oauth2/v1/authorize

Scope: CompanyFile

Redirect URL: https://global.consent.azure-apim.net/redirect

 

When the custom connector isn't connected, it shows the error below. I am not sure if it is an issue or being returned by the API or somewhere in Power Automate, or if it is a symptom of another issue.

 

 

Failed to refresh access token for service: oauth2. Correlation Id=0fd144f6-e2bd-4b3a-8a7d-c2748a8767c2, UTC TimeStamp=11/4/2020 2:17:43 AM, Error: OAuth 2 access token refresh failed. Client ID and secret sent in form body.. Response status code=InternalServerError. Response body:

 

 

Server Error in '/' Application.


The required anti-forgery cookie "__RequestVerificationToken" is not present.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.Mvc.HttpAntiForgeryException: The required anti-forgery cookie "__RequestVerificationToken" is not present.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


Stack Trace:

 [HttpAntiForgeryException (0x80004005): The required anti-forgery cookie "__RequestVerificationToken" is not present.] System.Web.Helpers.AntiXsrf.TokenValidator.ValidateTokens(HttpContextBase httpContext, IIdentity identity, AntiForgeryToken sessionToken, AntiForgeryToken fieldToken) +666 System.Web.Helpers.AntiXsrf.AntiForgeryWorker.Validate(HttpContextBase httpContext) +163 System.Web.Mvc.ControllerActionInvoker.InvokeAuthorizationFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor) +156 System.Web.Mvc.Async.<>c__DisplayClass25.<BeginInvokeAction>b__1e(AsyncCallback asyncCallback, Object asyncState) +859 System.Web.Mvc.Async.WrappedAsyncResult`1.Begin(AsyncCallback callback, Object state, Int32 timeout) +146 System.Web.Mvc.Async.AsyncResultWrapper.Begin(AsyncCallback callback, Object state, BeginInvokeDelegate beginDelegate, EndInvokeDelegate`1 endDelegate, Object tag, Int32 timeout) +75 System.Web.Mvc.Async.AsyncResultWrapper.Begin(AsyncCallback callback, Object state, BeginInvokeDelegate beginDelegate, EndInvokeDelegate`1 endDelegate, Object tag) +28 System.Web.Mvc.Async.AsyncControllerActionInvoker.BeginInvokeAction(ControllerContext controllerContext, String actionName, AsyncCallback callback, Object state) +1295 System.Web.Mvc.<>c__DisplayClass1d.<BeginExecuteCore>b__17(AsyncCallback asyncCallback, Object asyncState) +50 System.Web.Mvc.Async.WrappedAsyncResult`1.Begin(AsyncCallback callback, Object state, Int32 timeout) +146 System.Web.Mvc.Async.AsyncResultWrapper.Begin(AsyncCallback callback, Object state, BeginInvokeDelegate beginDelegate, EndInvokeDelegate`1 endDelegate, Object tag, Int32 timeout) +75 System.Web.Mvc.Controller.BeginExecuteCore(AsyncCallback callback, Object state) +532 System.Web.Mvc.Async.WrappedAsyncResult`1.Begin(AsyncCallback callback, Object state, Int32 timeout) +146 System.Web.Mvc.Async.AsyncResultWrapper.Begin(AsyncCallback callback, Object state, BeginInvokeDelegate beginDelegate, EndInvokeDelegate`1 endDelegate, Object tag, Int32 timeout) +75 System.Web.Mvc.Async.AsyncResultWrapper.Begin(AsyncCallback callback, Object state, BeginInvokeDelegate beginDelegate, EndInvokeDelegate endDelegate, Object tag) +28 System.Web.Mvc.Controller.BeginExecute(RequestContext requestContext, AsyncCallback callback, Object state) +387 System.Web.Mvc.<>c__DisplayClass8.<BeginProcessRequest>b__2(AsyncCallback asyncCallback, Object asyncState) +144 System.Web.Mvc.Async.WrappedAsyncResult`1.Begin(AsyncCallback callback, Object state, Int32 timeout) +146 System.Web.Mvc.Async.AsyncResultWrapper.Begin(AsyncCallback callback, Object state, BeginInvokeDelegate beginDelegate, EndInvokeDelegate`1 endDelegate, Object tag, Int32 timeout) +75 System.Web.Mvc.Async.AsyncResultWrapper.Begin(AsyncCallback callback, Object state, BeginInvokeDelegate beginDelegate, EndInvokeDelegate endDelegate, Object tag) +28 System.Web.Mvc.MvcHandler.BeginProcessRequest(HttpContextBase httpContext, AsyncCallback callback, Object state) +320 System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +2066 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +868 

 


Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.36660

1 ACCEPTED SOLUTION

Accepted Solutions
DerekH_AU
Frequent Visitor

The cookie error was being reported by the connector, when making connections without my browser even being open. In any case, for now, I have recreated the connection the connector is using and so far I have had 24 hours of refreshed access tokens, making a request every 15 minutes, when the access token expires after 20 mins. For the moment, recreating the connection seems to have resolved the issue.

View solution in original post

5 REPLIES 5
shyamsu
Power Automate
Power Automate

This appears to be a client/browser side issue. We require cookies to be enabled. Can you please make sure you doing this all in one browser with cookies allowed?

DerekH_AU
Frequent Visitor

The cookie error was being reported by the connector, when making connections without my browser even being open. In any case, for now, I have recreated the connection the connector is using and so far I have had 24 hours of refreshed access tokens, making a request every 15 minutes, when the access token expires after 20 mins. For the moment, recreating the connection seems to have resolved the issue.

HEATFreight
Kudo Kingpin
Kudo Kingpin

I'm having the same issue as @DerekH_AU although I have never been able to get the refresh token to work at all.

I am building the Custom Connector by importing a Postman ver. 2.1 collection. Any tips?

Edit: oh I think I found part of the answer here

Edit2: Ok, yep I've figured it out! I exported a Postman v2.1 collection with all requests using the OAuth2 authorization method. Crucially, I left out the manual refresh token request from the collection. Postman requires you to build a manual request to keep the token refreshed because it will not do that for you even though it has that convenient "Get New Access Token" button: 

HEATFreight_0-1639234343574.png

You must leave out any manual authorization or refresh requests that you might use in Postman. These are not necessary (nor will they even work) in the custom connector. So you export a v2.1 Postman collection of just the non-authentication-related requests that you want to include in your connector. Each of these needs to have a type of "OAuth 2.0" in the Authorization tab. I followed this guide.

You import the Postman collection into the Power Automate custom connector and proceed through the >General and >Security settings. Crucially, you must save the >Security settings before moving on. I never see this mentioned in tutorials, but if you don't do it, the client ID and secret as well as the Refresh URL will not be saved and you'll have to return to finish the >Security tab before you can actually "Update connector".

The interesting thing here is that no matter what you do, the Refresh URl field will wipe itself as if it did not accept your input, but rest assured this is the expected behavior.

Next tab is >Definition. The thing to remember about >Definition is that the conversion between the Swagger Editor and the Custom Connector user interface is broken. YOU CAN NOT TRUST IT TO CONVERT THE SWAGGER CODE PROPERLY! So here is what you do, follow the guide I linked above to edit the code in the Swagger Editor, and then click "Update connector" WHILE YOU STILL HAVE SWAGGER EDITOR TOGGLED ON! I never see any guides mention this part. If you switch back to the regular interface by toggling off the Swagger Editor, there is a chance something will break. You should be safe if you don't open any of the request parameters (like Path, Query, Headers, Body or any of their sub-fields), and clicking "Update connector" toggles off the Swagger Editor anyway, but definitely if you start opening any of those request parameter fields it will start breaking your Swagger code! I do think you can toggle off Swagger Editor before clicking "Update connector" and it will still work. It's mainly just opening the request parameters that begins to break the Swagger code.

One example is if you try using integers as default values for string types. The normal Custom Connector interface will error out if you give a string parameter an integer for a default value (say if your API requires a company ID # parameter). If you get this "integer as string" error, you can simply open the Swagger Editor and put single quotes around the affected default value integers. If you click "Update connector" while Swagger Editor is still toggled on, or at least without navigating back to the string parameter in question, the single quotes will remain intact and your default value will populate in the >Test tab and wherever you use the connector, like Power Automate. But the second you open the string parameter in the normal Custom Connector interface (i.e. Swagger Editor toggled off), **BAM** no more single quotes. After opening the string parameter which has an integer default value, toggle Swagger Editor back on again and you will see that the single quotes have disappeared from around the default value integer.

Off the top of my head, I'm not sure what other parts of the Swagger code breaks when you try editing the Custom Connector parmeters outside of the Swagger Editor, but suffice it to say something ain't right. Stick to the Swagger Editor and you should be fine.

I'm at T+1 day of QuickBooks Online API Custom Connector keeping itself refreshed. The OAuth2 authorization code flow and refresh tokens work great in Custom Connectors if you do it right. 

HEATFreight
Kudo Kingpin
Kudo Kingpin

Ah crap, I'm back again. I got the QuickBooks Online API apparently working perfectly in a custom connector, but I have another API that is returning the following error:

 

Failed to refresh access token for service: oauth2. Correlation Id=..., UTC TimeStamp=..., Error: OAuth 2 access token refresh failed. Client ID and secret sent in form body.. Response status code=BadRequest. Response body: {"error":"invalid_grant"}

 


It seems that something is happening with the refresh token request that is causing it to fail, but that happens in the background. We have no visibility into that request or the response, the OAuth2 custom connector handles that for you and it just works. Or so it did with the QBO API. This other API is more stubborn and I suspect it has something to do with the way they want their requests formatted. I'm not sure what Postman settings would affect this, but for instance these three settings in Postman's >Authorization tab seem like possible culprits:

 

Add authorization data to [Request URL] vs. [Request Headers]

 

or

 

Authorize using browser [y/n]

 

or

 

Client Authentication [Send client credentials in body] vs. [Send as Basic Auth header]

 

 

I am using the exact settings in the broken custom connector as what I used for the working QuickBooks Online custom connector, except with the base URL, auth URL, token URL, refresh URL, request URLs, client ID, and client secret all being unique to each API obviously. Other than those, everything else is exactly the same. API #2 works great for 20 minutes and then its access token expires and I get that error above^.

Any Power Platform wizards out there? @RezaDorrani @shyamsu @v-bacao-msft 

Did you ever resolved this? I am trying to connect an external api and i get the same issues. I have try to create it manually and by importing the json files. When i go and try to connect to it. i get the error

{"error":"invalid_request","error_description":"Invalid redirect_uri: https://global.consent.azure-apim.net/redirect","rfc6749_reference":"4.1.2.1, 4.2.2.1"}

Helpful resources

Announcements

Back to Basics: Tuesday Tip #1: All About YOUR Community Account

We are excited to kick off our new #TuesdayTIps series, "Back to Basics." This weekly series is our way of helping the amazing members of our community--both new members and seasoned veterans--learn and grow in how to best engage in the community! Each Tuesday, we will feature new areas of content that will help you best understand the community--from ranking and badges to profile avatars, from Super Users to blogging in the community. Our hope is that this information will help each of our community members grow in their experience with Power Platform, with the community, and with each other!     This Week's Tips: Account Support: Changing Passwords, Changing Email Addresses or Usernames, "Need Admin Approval," Etc.Wondering how to get support for your community account? Check out the details on these common questions and more. Just follow the link below for articles that explain it all.Community Account Support - Power Platform Community (microsoft.com)   All About GDPR: How It Affects Closing Your Community Account (And Why You Should Think Twice Before You Do)GDPR, the General Data Protection Regulation (GDPR), took effect May 25th 2018. A European privacy law, GDPR imposes new rules on companies and other organizations offering goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. GDPR applies no matter where you are located, and it affects what happens when you decide to close your account. Read the details here:All About GDPR - Power Platform Community (microsoft.com)   Getting to Know You: Setting Up Your Community Profile, Customizing Your Profile, and More.Your community profile helps other members of the community get to know you as you begin to engage and interact. Your profile is a mirror of your activity in the community. Find out how to set it up, change your avatar, adjust your time zone, and more. Click on the link below to find out how:Community Profile, Time Zone, Picture (Avatar) & D... - Power Platform Community (microsoft.com)   That's it for this week. Tune in for more Tuesday Tips next Tuesday and join the community as we get "Back to Basics."

Announcing the MPPC's Got Power Talent Show at #MPPC23

Are you attending the Microsoft Power Platform Conference 2023 in Las Vegas? If so, we invite you to join us for the MPPC's Got Power Talent Show!      Our talent show is more than a show—it's a grand celebration of connection, inspiration, and shared journeys. Through stories, skills, and collective experiences, we come together to uplift, inspire, and revel in the magic of our community's diverse talents. This year, our talent event promises to be an unforgettable experience, echoing louder and brighter than anything you've seen before.    We're casting a wider net with three captivating categories:  Demo Technical Solutions: Show us your Power Platform innovations, be it apps, flows, chatbots, websites or dashboards... Storytelling: Share tales of your journey with Power Platform. Hidden Talents: Unveil your creative side—be it dancing, singing, rapping, poetry, or comedy. Let your talent shine!    Got That Special Spark? A Story That Demands to Be Heard? Your moment is now!  Sign up to Showcase Your Brilliance: https://aka.ms/MPPCGotPowerSignUp  Deadline for submissions: Thursday, Sept 28th    How It Works:  Submit this form to sign up: https://aka.ms/MPPCGotPowerSignUp  We'll contact you if you're selected. Get ready to be onstage!  The Spotlight is Yours: Each participant has 3-5 minutes to shine, with insightful commentary from our panel of judges. We’re not just giving you a stage; we’re handing you the platform to make your mark.     Be the Story We Tell: Your talents and narratives will not just entertain but inspire, serving as the bedrock for our community’s future stories and successes.    Celebration, Surprises, and Connections: As the curtain falls, the excitement continues! Await surprise awards and seize the chance to mingle with industry experts, Microsoft Power Platform leaders, and community luminaries. It's not just a show; it's an opportunity to forge connections and celebrate shared successes.    Event Details:  Date and Time: Wed Oct 4th, 6:30-9:00PM   Location: MPPC23 at the MGM Grand, Las Vegas, NV, USA  

September User Group Success Story: Reading Dynamics 365 & Power Platform User Group

The Reading Dynamics 365 and Power Platform User Group is a community-driven initiative that started in September 2022. It has quickly earned recognition for its enthusiastic leadership and resilience in the face of challenges. With a focus on promoting learning and networking among professionals in the Dynamics 365 and Power Platform ecosystem, the group has grown steadily and gained a reputation for its commitment to its members!   The group, which had its inaugural event in January 2023 at the Microsoft UK Headquarters in Reading, has since organized three successful gatherings, including a recent social lunch. They maintain a regular schedule of four events per year, each attended by an average of 20-25 enthusiastic participants who enjoy engaging talks and, of course, pizza.   The Reading User Group's presence is primarily spread through LinkedIn and Meetup, with the support of the wider community. This thriving community is managed by a dedicated team consisting of Fraser Dear, Tim Leung, and Andrew Bibby, who serves as the main point of contact for the UK Dynamics 365 and Power Platform User Groups.   Andrew Bibby, an active figure in the Dynamics 365 and Power Platform community, nominated this group due to his admiration for the Reading UK User Group's efforts. He emphasized their remarkable enthusiasm and success in running the group, noting that they navigated challenges such as finding venues with resilience and smiles on their faces. Despite being a relatively new group with 20-30 members, they have managed to achieve high attendance at their meetings.   The group's journey began when Fraser Dear moved to the Reading area and realized the absence of a user group catering to professionals in the Dynamics 365 and Power Platform space. He reached out to Andrew, who provided valuable guidance and support, allowing the Reading User Group to officially join the UK Dynamics 365 and Power Platform User Groups community.   One of the group's notable achievements was overcoming the challenge of finding a suitable venue. Initially, their "home" was the Microsoft UK HQ in Reading. However, due to office closures, they had to seek a new location with limited time. Fortunately, a connection with Stephanie Stacey from Microsoft led them to Reading College and its Institute of Technology. The college generously offered them event space and support, forging a mutually beneficial partnership where the group promotes the Institute and encourages its members to support the next generation of IT professionals.   With the dedication of its leadership team, the Reading Dynamics 365 and Power Platform User Group is poised to continue growing and thriving! Their story exemplifies the power of community-driven initiatives and the positive impact they can have on professional development and networking in the tech industry. As they move forward with their upcoming events and collaborations with Reading College, the group is likely to remain a valuable resource for professionals in the Reading area and beyond.  

A Celebration of What We've Achieved--And Announcing Our Winners

As the sun sets on the #SummerofSolutions Challenge, it's time to reflect and celebrate! The journey we embarked upon together was not just about providing answers – it was about fostering a sense of community, encouraging collaboration, and unlocking the true potential of the Power Platform tools.   From the initial announcement to the final week's push, the Summer of Solutions Challenge has been a whirlwind of engagement and growth. It was a call to action for every member of our Power Platform community, urging them to contribute their expertise, engage in discussions, and elevate collective knowledge across the community as part of the low-code revolution.   Reflecting on the Impact As the challenge ends, it's essential to reflect on the impact it’s had across our Power Platform communities: Community Resilience: The challenge demonstrated the resilience of our community. Despite geographical distances and diverse backgrounds, we came together to contribute, learn, and collaborate. This resilience is the cornerstone of our collective strength.Diverse Expertise: The solutions shared during the challenge underscore the incredible expertise within our community. From intricate technical insights to creative problem-solving, our members showcased their diverse skill sets, enhancing our community's depth.Shared Learning: Solutions spurred shared learning. They provided opportunities for members to grasp new concepts, expand their horizons, and uncover the Power Platform tools' untapped potential. This learning ripple effect will continue to shape our growth. Empowerment: Solutions empowered community members. They validated their knowledge, boosted their confidence, and highlighted their contributions. Each solution shared was a step towards personal and communal empowerment. We are proud and thankful as we conclude the Summer of Solutions Challenge. The challenge showed the potential of teamwork, the benefit of knowledge-sharing, and the resilience of our Power Platform community. The solutions offered by each member are more than just answers; they are the expression of our shared commitment to innovation, growth, and progress!     Drum roll, Please... And now, without further ado, it's time to announce the winners who have risen above the rest in the Summer of Solutions Challenge!   These are the top community users and Super Users who have not only earned recognition but have become beacons of inspiration for us all.   Power Apps Community:  Community User Winner: @SpongYe Super User Winner: Pending Acceptance Power Automate Community:  Community User Winner: @trice602 Super User Winner: @Expiscornovus  Power Virtual Agents Community: Community User Winner: Pending AcceptanceSuper User: Pending Acceptance Power Pages Community: Community User Winner: @OOlashyn Super User Winner: @ChristianAbata   We are also pleased to announced two additional tickets that we are awarding to the Overall Top Solution providers in the following communities:    Power Apps: @LaurensM   Power Automate: @ManishSolanki    Thank you for making this challenge a resounding success. Your participation has reaffirmed the strength of our community and the boundless potential that lies within each of us. Let's keep the spirit of collaboration alive as we continue on this incredible journey in Power Platform together.Winners, we will see you in Vegas! Every other amazing solutions superstar, we will see you in the Community!Congratulations, everyone!

September featured user group leader

 Ayonija Shatakshi, a seasoned senior consultant at Improving, Ohio, is a passionate advocate for M365, SharePoint, Power Platform, and Azure, recognizing how they synergize to deliver top-notch solutions. Recently, we asked Ayonija to share her journey as a user group leader, shedding light on her motivations and the benefits she's reaped from her community involvement.      Ayonija embarked on her role as a user group leader in December 2022, driven by a desire to explore how the community leveraged various Power Platform components. When she couldn't find a suitable local group, she decided to create one herself!    Speaking about the impact of the community on her professional and personal growth, Ayonija says, "It's fascinating to witness how everyone navigates the world of Power Platform, dealing with license constraints and keeping up with new features. There's so much to learn from their experiences.:        Her favorite aspect of being a user group leader is the opportunity to network and engage in face-to-face discussions with fellow enthusiasts, fostering deeper connections within the community. Offering advice to budding user group leaders, Ayonija emphasized the importance of communication and consistency, two pillars that sustain any successful community initiative.      When asked why she encourages others to become user group leaders, Ayonija said, "Being part of a user group is one of the best ways to connect with experienced professionals in the same field and glean knowledge from them. If there isn't a local group, consider starting one; you'll soon find like-minded individuals."      Her highlight from the past year as a user group leader was witnessing consistent growth within the group, a testament to the thriving community she has nurtured. Advocating for user group participation, Ayonija stated, "It's the fastest route to learning from the community, gaining insights, and staying updated on industry trends."   Check out her group: Cleveland Power Platform User Group

An MPPC23 Invitation from Charles Lamanna, CVP of Microsoft Business Applications & Platform

Hear from Corporate Vice President for Microsoft Business Applications & Platform, Charles Lamanna, as he looks ahead to the second annual Microsoft Power Platform Conference from October 3rd-5th 2023 at the MGM Grand in Las Vegas.Have you got your tickets yet? Register today at www.powerplatformconf.com  

Users online (3,944)