User & Admin Learning Support & FAQs Product updates Forums

OAuth 2.0 Service mailbox - invalid client_id

lock
push_pin
done
Answered
6
4

Hello,

We just migrated to Office/Microsoft 365 and I wanted to use the new Modern auth functionality for connecting our service mailbox, but I get the following error when trying to setup OAuth:

When I log into the mailbox manually (outlook.office365.com), it works fine.

SO Version: 9.2 R12

 

David Hollegien
4 Nov 2021 | 12:00 AM

All Replies (4)

Hi David, is this from an On-site SuperOffice? Which version?

To troubleshoot, you could try to send all the traffic from SuperOffice via a proxy (like Burp Suite), and look at what the actual requests are.

A client_id is used by OAuth2, but it would be interesting to see which one of the OAuth2 Flows Service is trying to use. I haven't experimented with this yet, so it'll be interesting to hear what you find.

Perhaps you need to define a client_id and client_secret in SuperOffice somewhere...?

Frode Lillerud
4 Nov 2021 | 12:00 AM

Hi,

@Frode L

Yes this SuperOffice OnSite with the 'NewAuthentication' feature toggle enabled.

@Frode B

Just send a email to pilot@superoffice.com with our serial number, we haven't used this feature before so if there are any old references, they can be removed.

 

Note: We do have a seperate test environment on the same serial, with data collection and user sync disabled ofcourse, also haven't used the new authentication feature there. But maybe that is the reason the serial is already registered?

David Hollegien
5 Nov 2021 | 12:00 AM

Hi Daivid,

Thanks for reaching out,

The error message is a bit cryptic and to generic - so it can be a bit hard to explicetly say what the issue is (so we should look into improving that :) )

But most likely, this is due to a security mechanism only allowing one registration per serialnumber. Could you post which serial number you are using to pilot@superoffice.com - and referrence this forum thread - and will look into it.
- If you already know you used same serialnumer more than once - you can let us know if it is ok to remove the old references to that serialnumber.


Frode Berntsen
5 Nov 2021 | 12:00 AM

Hi Frode B,

I apologise for reopening this thread, but we are getting the same error when trying to set up OAuth in Service (On-site) and I could not find any other threads that mentions the same issue.

When I log into the mailbox manually via outlook.office365.com, it works fine.

We are running version 8.5 R17.

(Planning on going to 10 at some point, but for now we just need the OAuth/Modern Auth before EOL for Basic. Hence the upgrade to 8.5 R17)

 

Could this also be connected to the "one registration per serialnumber" scenario? And is it still a "Pilot" issue at this point?

Note: Like David, we also run a separate test environment on the same serial. This occurs at the test environment since we are trying it out there first before upgrading prod. So I assume this needs to be fixed for prod as well? Or will it simply work for prod as soon as we fix it for test?

 

Thanks!

M
Markus Moripen
15 Jun 2022 | 11:57 AM
Hey Markus,
The situation of 2 duplicate serial number both uses OAuth - and get an error for doing so - is by design - for security reasons. Fixing the "lock" to that serial number will only be temp - if you again uses it on both installations running on the same serial number. IF you cant to use this feature on 2 tenants - you need 2 unique serial numbers. Reach out to support with the serial number you would like to "unlock" - for resolving the situation.

If you need help with a feature after the end of the pilot program, reach out to our support team - they will be able to help you out.
Frode Berntsen
15 Jun 2022 | 12:48 PM

Add reply