Hi,
i’m trying to connect to my Sharepoint through “Microsoft Graph Security OAuth2 API”. I want to download to an excel file so i can import data to mysql. But i can’t authorize. I’m using the “Microsoft Graph Security OAuth2 API” for several other applications such as an Plugin for WP or our virus scanner. This all works fine, but when i try to connect with th n8n credentials. I will always get an error.
error message
"Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method).
what i did
I added the credentials and made the app registration on microsoft azure.
I am sorry to hear you’re having trouble. I just gave this a go on my end with a newly registered app in the Azure portal and didn’t run into any trouble here with the authorization. My settings look very similar to yours:
Seeing n8n doesn’t seem to understand the response coming from MS in your case, could you double-check your application settings? When going through the registration process, did you pick the third option and provide a valid redirect URL for your n8n instnace?
@Frank_Loeffler - Did you ever get this resolved ? I was having the same issue under 0.201.0 … and have just upgraded my ‘wild’ new build environment to 0.204.0 and now get the same black screen but with ‘unknown error’ - I’ve got a feeling I’m going to get asked to open up a new question about this but since I was getting the same original message as you it could be connected.
Under 0.201.0 and 0.202.1 I was getting this message:
Hi all, getting the “credentials not connected” message suggests the tokens received during the OAuth 2.0 dance have not been persisted to n8n’s database.
I am afraid I do not have a Synology device here, so don’t quite know what might cause this. If you can also reproduce this problem with our latest standard docker image outside of Synology, could you please share a step by step description for doing so? Thank you!
For me - my configuration isn’t on a synology but on a x86_64 redhat os 7.9 release, with docker 1.13.1-209 (“supported” docker version by RH).
Other credentials (slack api token) are being stored ok and working ok but I’ll try and see if I can connect to a different OAuth2 service…
container image ends in 886d77ebb551:
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/n8nio/n8n 0.204.0 886d77ebb551 10 days ago 561 MB
docker.io/n8nio/n8n latest 886d77ebb551 10 days ago 561 MB
docker.io/traefik 2.9.5 d3cd2c35d32c 2 weeks ago 135 MB
docker.io/traefik latest d3cd2c35d32c 2 weeks ago 135 MB
I’ve now just upgraded to 0.205.0 build from 3 days ago… and now I get a different response from Microsoft. This time complaining about scopes missing.
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/n8nio/n8n 0.205.0 40bda9452162 3 days ago 561 MB
docker.io/n8nio/n8n latest 40bda9452162 3 days ago 561 MB
docker.io/n8nio/n8n 0.204.0 886d77ebb551 10 days ago 561 MB
docker.io/traefik 2.9.5 d3cd2c35d32c 2 weeks ago 135 MB
Ok …well this is interesting … I went to go look at the credentials that I used … and found that the ‘scopes’ to that last screenshot have now been cleared .
Thanks for confirming @0101binary0101! This is super helpful, I can reproduce this on [email protected] and shall add this to our engineering backlog for a fix.
@jan - Confirmed, I’ve updated my wild version to 0.206.1 - Scopes issue is resolved… and now I’m just back to the issue (as reported in this posting) of the account connection failure from the UI/MS but N8N logging shows it’s Successfully connected but still an workflow attempting to do anything with the credential is just rejected from MS.
@Jon do you by any chance know if this problem could be related to the fix you mentioned over here? I suppose it won’t fix our lack of logging for this “Unknown error”, but I wonder if it would still improve things (just in case it’s not just the two settings from my next post).
{"level":"verbose","message":"Credential updated","metadata":{"credentialId":"1","file":"credentials.controller.js","timestamp":"2022-12-16T11:54:31.983Z"}}
{"level":"verbose","message":"OAuth2 authentication successful for new credential","metadata":{"credentialId":"1","file":"oauth2Credential.api.js","timestamp":"2022-12-16T11:54:32.055Z","userId":"a2bcf347-392e-4114-a12a-1e2674c92cee"}}
Just to show what it looks like with a ‘pre-filled’ scope/authentication MS credential I tried it with a MS Teams OAuth2 Api … again using the latest 0.207.1
That is odd, Are all Microsoft OAuth connections failing? I have just tried Drive, Todo and Outlook on my 207.1 install and it is working as expected.
Quick update… I can reproduce the same issue if I use the wrong client secret, Just to confirm did you use the secret before it was hidden or the value next to the secret?
It’s unfortunate that the guy who admins the MS side is off now. So it’ll be a while till I get him to check his side again … only my 0.198.2 docker image is working which is using a different callback/clientid and secret…
Thanks @Jon - the secret value in the n8n credential wasn’t the one matching the application.
I noticed I couldn’t ‘edit/update’ the ‘Expression’ text of the credential… I had to click on ‘fixed’ and then paste in the client secret and then double checked the secret value by clicking on expression.
