PDA

View Full Version : OAuth 2 Timeout Issue

AN-Tech
December 14th, 2022, 11:14 AM
Is the new OAuth 2 method for email supposed to expire/timeout? Everything had been working fine but I noticed yesterday that Ranger stopped pulling in email.

Errors from Ranger:
TCmtGenXauth2ConDll Pop3Exception
POP3 needs OAuth2 authentication token
(24)

and

Error Code Received from your Mail Server: SMTP needs OAuth2 authentication token (SmtpException TMailSenderXOauth2)


Sign-in logs from M365:
Application: Email Server Access for RangerMSP (CCRM
Failure reason:
The refresh token has expired due to inactivity. The token was issued on {issueDate} and was inactive for {time}.

Additional Details:
Expected part of the token lifecycle - the user went an extended period of time without using the application, so the token was expired when the app attempted to refresh it.
Support Team
December 14th, 2022, 02:13 PM
It does not support to expire. 365 might decide to invalidate it though this is uncommon. Please try to restart the 'CRM Server' Windows service on your server and see whether this helps. Please also zip the content of \Logs folder and share it with us over email (support@), maybe something has been logged there.

Hope this helps!
AN-Tech
December 14th, 2022, 02:39 PM
I already tried restarting services, will send in log files now.
AN-Tech
December 15th, 2022, 12:42 PM
Had to do a reset in the Email Connector settings in the ServerConfig program. Will have to watch to see if this times out regularly and needs to be reset or if it was just a one off thing.
rfbalmer
January 3rd, 2023, 06:35 AM
I had the exact same issue over the holidays and had to perform a reset as well. Once reset everything was back to normal.
AN-Tech
March 15th, 2023, 03:40 PM
Looks like it has timed out on me again. Unfortunately I was not available for awhile and due to this no tickets came into Ranger during that time. Is there something that can be done to make this work permanently or at least for a longer period of time?
Support Team
March 16th, 2023, 07:05 AM
Thank you for posting this.

Based on the information that we could tell from Microsoft 365, a re-authorization might indeed be required every 90 days or so, and at this time we do not have a way to avoid or change this as it is forced on the app by 365. We do implement all automatic OAuth token refresh procedures, and therefore it is not always required, and yet, it might be required.

We added instructions about re-authorization in this article.

Hope this helps.