03-10-22 01:46 PM
01-11-23 01:12 PM
Hi @ewilson
We have been using this VBO for a few months now and it has been working great.
We have been notified by our tech team that emails within our organisation will be switching to using Multifactor Authentication (MFA). Would this affect the use of the VBO? i.e. would the email address need to be authenticated using MFA before being able to use the VBO? not sure if it's relevant but we are using application permissions.
Kind Regards,
Raheel
01-11-23 02:39 PM
Hello @RaheelR,
If you're using Application Access tokens I don't think MFA will have an impact on you, assuming the org administrator has gone ahead and granted the necessary Graph permissions to the application registration. Ultimately you're performing an OAuth2 code flow with a client ID and secret without a specific user account, so I think you'll be fine.
Cheers,
06-12-23 10:59 AM
Hello Eric,
I try to use the outlook 365 VBO with a Blueprism Version 7.0.1.
I set delegated permissions and my organisation use Multifactor Authentication.
My problem, I can't get a token. Error message is :
MSAL.Desktop.4.42.1.0.MsalUiRequiredException:
ErrorCode: invalid_grant
Microsoft.Identity.Client.MsalUiRequiredException: AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000003-0000-0000-c000-000000000000'. Trace ID: 24180752-1c0a-4a04-821f-291f0c0a4300 Correlation ID: b18fc924-8ae8-4c9f-a4be-c16ccdb613a4 Timestamp: 2023-12-06 10:37:01Z
MFA seems to block my request.
Do you have any tips to use this VBO on this configuration ?
Best regards
14-03-24 01:59 PM
@philippeboutry Did you solve that problem?
14-03-24 05:29 PM
Regarding MFA, we are in the process of adding a new action to the Microsoft Graph - Authentication connector that will support an MFA flow. It will require opening a browser instance, capturing a validation token, and a few other things but it should go a long way towards addressing the issue of MFA being enabled even against API connections. I hope to see this update posted by the end of the month.
Cheers,
14-03-24 06:33 PM
@ewilson
I was reading this url from Microsoft which talks about device information and single sign on, I don't know if this can help.
I tried modifying the action code with that WithBroker() method but no luck.
What is the version of Microsoft.Identity.Client.dll that MSAL VBO needs? Because if I try to use the latest version v4.59 I get this error
My original problem was in this thread.
14-03-24 08:09 PM
The specific Microsoft.Identity.Client.dll that was used to develop and test the VBO is included in the zip archive the VBO was in, assuming you downloaded it from the DX.
Cheers,
20-03-24 12:02 PM
Hi All,
I am getting an error that "remote server returned an error: (403) Forbidden." we are using Application access in Azure AD and have access to both read write and send(refer below snip).
Authentication is success and able to receive the access token.
Any suggestions, what went wrong in this case..?
2) Is message id compulsory to pass as input in get mail action? if yes, how do we get the message id in workflow?
Thanks,