I’m having some troubles with the Oauth2 method in a HTTP Node, used to connect to Microsoft Graph API. The issue is that n8n is apparently not requesting to renew the token when the old one has expired. I need to reconnect manually about every hour… I have tried everything, to no avail, including adding the access_type=offline parameter in the query.
Error: “code”: “InvalidAuthenticationToken”,
“message”: “Access token has expired or is not yet valid.”
Please share the workflow
Information on your n8n setup
- n8n version: 0.176.0
- Database you’re using (default: SQLite): POSTGRES
- Running n8n with the execution process [own(default), main]: own
- Running n8n via [Docker, npm, n8n.cloud, desktop app]: Docker
Hi @tomfer, welcome to the community!
I think the Microsoft API you are referring to requires a separate scope rather than a specific query parameter to issue a refresh token: Microsoft identity platform scopes, permissions, & consent - Microsoft identity platform | Microsoft Docs
Glad to use n8n!
I believe I’ve set everything properly, within AAD and n8n.
Here’s a screenshot of my n8n credentials’ configuration:
And here’s a screenshot of my Microsoft’s scope configuration:
Still, it doesn’t work. I’ve also tried using the “https://graph.microsoft.com/” prefix, with no joy.
I’m at a point where I want to take a node such as the one for Onedrive, discontruct it and adapt it for the Microsoft Graph API.
So I couldn’t make it work with the embedded Oauth2 authorization from N8N. But i’ve managed to build my own Oauth2 authorization workflow and it’s working pretty well.
Hey @tomfer, glad to hear you managed to get it working, thanks a lot for confirming! Perhaps you could share your workflow in case someone else encounters a similar problem?
Sure, for security reasons I’m just disclosing the HTTP node that makes the OAuth refresh token request. But the principle is the following:
- Retrieve the access token and the refresh token previously stored on a datastore (local file, database, etc., this is up to you and your standards)
- Make the HTTP request to Microsoft’s token endpoint with the correct scopes
- Replace the newly received tokens on your datastore
- Return the HTTP response to the master workflow with the new tokens
**Please note that this only adresses the refresh token issue. For the initial authorization code request, you will need to do it on your own in order to 1/ redeem the authorization code and then 2/ to redeem your very first access token as described on the Microsoft’s documentation.