Microsoft Graph Type Application Web Connection's Token keeps expiring

Question

Hi everyone,We are using this web connection MS Graph Type Application https://hub.safe.com/publishers/supporter/web-connections/microsoft-graph-type-applicationWe have the required details below: - Tenant-ID- Client-ID- Client SecretHowever, this keeps expiring every hour and we have to re-authenticate every time. Screenshot of the expiry time below:Is there a solution to this? There are other articles about Microsoft Graph Teams but the configuration is different.In our configuration, we keep the default setting and I notice the grant_type=client_credentials. 1. Do we need to ask our Cloud team to grant us a refresh token & grant_type = refresh_token?2. Also, do we need to ask them to add the fmeoauth URL to the Redirect URI in the MS Graph App like how we normally do with other Oauth2 App?If these need to be added, should they be mentioned in the hub?Many thanks!

ninixink · Accepted Answer

Hello,

Were you able to go over the documentation and test the configuration in the thread below? https://community.safe.com/s/question/0D7Dm000000AW3kKAG/detail?fromEmail=1&s1oid=00D30000000ePES&s1nid=0DB0c000000Gmzx&s1uid=0054Q00000F9UIO&s1ext=0&emkind=chatterCommentNotification&emtm=1681987641939

Thanks @Merline George - Let me know if it's better I delete this thread.

I just copy the reply I replied in the other thread:

We finally resolved this issue with HTTPCaller and didn't use the Web Connection.

We reached out to MS support and there are 2 different Oauth2 flows - Oauth2 client credential flow (App Identity flow) or the Oauth2 code grant flow (User Identity flow). The one that we are using is App identity flow as this allows us to read multiple mailboxes including shared mailboxes. These mailboxes will need to be added to a security group that links with our App (Application ID/ Client ID).

So what we did was:

Reauthenticate by calling this send “Client_id” + “Client_secret” to AAD token endpoint again. Reference: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow
Retrieve the access token from the authentication call, and add it to the next call when we make a request to get mailboxes' message details.

Hope that helps if anyone else has the same issue with MS Graph API reauthentication.

Thanks! 🙂

merlinegeorge · Answer

Hello,

Were you able to go over the documentation and test the configuration in the thread below? https://community.safe.com/s/question/0D7Dm000000AW3kKAG/detail?fromEmail=1&s1oid=00D30000000ePES&s1nid=0DB0c000000Gmzx&s1uid=0054Q00000F9UIO&s1ext=0&emkind=chatterCommentNotification&emtm=1681987641939

Reply

Community Stats

Reply

Community Stats

Sign up

An FME Account is required to contribute

Login to the community

An FME Account is required to contribute

Scanning file for viruses.

This file cannot be downloaded