one of our customers wants to connect M365 to his FNMS environment. We followed the task from the FLexera documentation to create client secret within Azure and filled in all the necessary information and credentials in the Beacon.
When testing the connection we get an error message "The remote server returned an error: (401) Unauthorized" and "An error occurred trying to get the access token: Get-TokenSetInternal failed"
We checked all the credentials at least twice within Azure and the Beacon, but nothing changes. Is there anybody with an idea or hint? Could the redirection URI cause such a behaviour?
Thanks a lot!
Mar 07, 2023 03:29 AM
It could be the previous valid token expired and throwing such error.
Mar 07, 2023 03:58 AM
thank you very much so far...
Ok, even, if custumer was using authorization via token and now wants to realize connection via client secret?
so we would need to refresh token first and then create client credential?
Mar 07, 2023 04:23 AM
NO need to refresh the token first. Create the new client secret on the app, then adjust your settings in the beacon.
Mar 07, 2023 06:34 AM
But we created a new client secret, that caused this error.
I think creating another one won't solve the problem, will it?
Mar 07, 2023 07:06 AM
I had the same issue but with the difference that I tried to consume the api via Powershell. An M365 expert from my side told me that a certificate is needed to access the AD of executing user... maybe this helps 🙂
Mar 07, 2023 07:38 AM
@ThomasK , in a customer UAT environment I am encountering the same issue. I just tried cutting it over from token to secret and got the same error.
If you work out a solution please post it.
@maxhenselcrayon , with your PowerShell issue, was the solution to provide a cert in the powershell? Or was it added to the local cert store on your computer?
Mar 07, 2023 10:38 PM
I was able to delete the old applicatin with token bases authentication in the azure environment of the customer, but the error still occurs.
Could you find a reason meanwhile?
Mar 09, 2023 08:43 AM
@ThomasK , I'll be opening a case for this. Can I suggest you do the same, we'll each reference the other case and get some focus on this.
Mar 09, 2023 06:35 PM
Mar 13, 2023 09:09 PM
@ThomasK , so I got this thing to work. In the end for me it was a silly mistake; when creating the secret, the Azure admin gave me what is listed as the 'Secret ID', where in fact they should have given me the 'Value'.In the screen capture attached you need the thing I highlighted in red, not the thing in black.
This value is only seen when creating the secret, so it needs to be copied immediately.
The Adapters and Connectors Reference Guide talks about a 'Client Secret field', and so I think this is an easy mistake to make.
Mar 14, 2023 04:52 AM
thanks for the hint, just checked if customer is using a cert based authentification and he doesn't.
Same settings and configuration like other customers with a working M365 connector.
Mar 09, 2023 08:41 AM