OAuth 2.0 Azure Maileater Not Receiving Refresh Token

Article ID: 224656

Products

CA Service Management - Service Desk Manager

Issue/Introduction

The customer is configuring OAuth 2.0 authentication between SDM Maileater and a mailbox located in Microsoft Azure.

When clicking "Generate Access Token" under:

"Mailbox Name" > Edit > 3.OAUTH 2.0 > "Auth Provider Name"

the token is not successfully generated and accepted by SDM.

Cause

2021-08-13 00:00:22:134 ERROR  [ForkJoinPool-1-worker-3] c.c.S.mail.OAuthProcessor - Refresh token is missing....can not get access token...

2021-08-13 00:00:22:134 ERROR  [ForkJoinPool-1-worker-3] c.c.S.m.ConnectSession - Failed to get a fresh access token...can not proceed further....

java.lang.Exception: Refresh token is null or empty

This error can occur if the customer does not want to grant the following permissions to the Mailbox User account:

This is located under Azure AD Admin Portal > Enterprise Applications > Consent and Permissions

Some customers want only their Admin users, for example their Azure Admins, to be able to provide these permissions.

The above information has the Mail user provide the permissions.

Environment

Release : 17.3

Component : SDM - In-bound/Out-bound Mail

Resolution

A feature was introduced in RU11 to provide Azure Administrative Consent.

See Step F under "Set the Security Level as OAuth 2.0 - IMAP"

https://techdocs.broadcom.com/us/en/ca-enterprise-software/business-management/ca-service-management/17-3/administering/configure-ca-service-desk-manager/how-to-configure-the-mailbox-to-handle-inbound-emails/define-a-mailbox.html
