Microsoft outlook OATH2 unauthorized

Hi all!

I’m trying to connect the outlook node with microsoft credentials, except I’m getting an error:

I followed the steps in the docs, but I can’t seem to get it working. Here are the essential parts:



Edit
Here is my YML file:

version: "3"

services:
  traefik:
    image: "traefik"
    restart: always
    command:
      - "--api=true"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
      - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
      - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ${DATA_FOLDER}/letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro

  n8n:
    image: n8nio/n8n
    restart: always
    ports:
      - "5678:5678"
    command: "n8n start --tunnel"
    labels:
      - traefik.enable=true
      - traefik.http.routers.n8n.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
      - traefik.http.routers.n8n.tls=true
      - traefik.http.routers.n8n.entrypoints=web,websecure
      - traefik.http.routers.n8n.tls.certresolver=mytlschallenge
      - traefik.http.middlewares.n8n.headers.SSLRedirect=true
      - traefik.http.middlewares.n8n.headers.STSSeconds=315360000
      - traefik.http.middlewares.n8n.headers.browserXSSFilter=true
      - traefik.http.middlewares.n8n.headers.contentTypeNosniff=true
      - traefik.http.middlewares.n8n.headers.forceSTSHeader=true
      - traefik.http.middlewares.n8n.headers.SSLHost=${DOMAIN_NAME}
      - traefik.http.middlewares.n8n.headers.STSIncludeSubdomains=true
      - traefik.http.middlewares.n8n.headers.STSPreload=true
    environment:
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER
      - N8N_BASIC_AUTH_PASSWORD
      - N8N_HOST=159.223.230.242
      - N8N_PORT=5678
      - N8N_PROTOCOL=http
      - NODE_ENV=production
      - WEBHOOK_URL=159.223.230.242
      - GENERIC_TIMEZONE=${GENERIC_TIMEZONE}
    volumes:
      - ${DATA_FOLDER}/.n8n:/home/node/.n8n

I did get it working in postman:

But for it to work I had to add a scope like User.read. Is there a field missing in the outlook node? Am I doing something wrong?

Thanks!

Hey @mark_de_jonge, I am sorry to hear you’re having trouble here. This error is coming from n8n by the looks of it and I wonder if this could be a problem with your webhook tunnel. How are you running n8n? Are you using the desktop version (and if so, which version of it)?

Hi! Thanks for your response! I am running a docker instance on a server using a tunnel. See the edit in my post for the content of the YML file. This morning I updated the docker instance to the latest version.

Hi,
I just had the same problem,
downgrading to [0.167.0] solved it for me, I hope it will be fixed in the versions.

Bear in mind that after downgrading I got the following error when trying to authorize the MS Module:

OAuth Authorization Error

There was a problem generating the authorization URL
Cannot read properties of undefined (reading ‘globalRole’)"

I had the privilege to wipe n8n entirely and start fresh,
I hope you’ll get around that error without such extreme measures.
Let me know what you did and if that helped you.
Good luck!

Hey @ToxicFi7h,

This should be something that we solved, When you hit the issue what version of n8n were you running and how did you have it installed?

@jon Thanks for the reply!

First I got this error on the latest [0.168.0],
Got “Unauthorized” when redirected back to the tunnel endpoint.
I downgraded it to [0.158.0] and it worked,
then I gradually got to [0.167.0], while between the 158 and 167 versions I got the “cannot read properties” error on some of them, I think after the tunnel naming changed from words to the random hash.

I have tried the Debian latest as well (It fixed an error that I cannot recall).

I guess if you want to reproduce, going from 158 to 167 while skipping 2-3 versions between upgrades it can be reproduced, Sorry that I didn’t log my journey…

Hey @ToxicFi7h,

I take it you ar eusing Docker then? One thing I wouldn’t recommend is using the tunnel option as the tunnel URL can change, What I would say though is there is an odd issue we are tracking that can be triggered when some environment variables are set. Are you able to share the ones you have set? (removing anything sensative).

1 Like