topic Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time in Community Chat

Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

CallMeUp — Wed, 24 Sep 2025 13:47:43 GMT

Hey there, I'm struggling to chase down the root cause of an issue here that just popped up a couple weeks ago and is causing everybody a headache.

We have Workato in between an ECM tool and an ERP tool. 97% of the time the calls are returned properly, 200 is logged, and everything looks good.

A little under 3% of the time though we're getting 401 Unauthorized back. This is logged in Workato in the logs under API Management. Every 401 Unauthorized log is reporting 0ms total response time, and the client column is empty.

I checked in the ERP logs, and I don't see any requests with the timestamps of the 401 Unauthorized returns, only the successful 200 responses are in there. I checked in Entra to see if there was any issue in there, but I only see the account being logged into ever 24 hours by Workato which is showing successful.

I'm not sure where the issue is - so I figured I'd post here to see if anybody had any ideas on where to look.

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

Bhagya_pola — Wed, 24 Sep 2025 17:03:09 GMT

Hello @CallMeUp ,
Just checking, are you using one client or multiple clients for these endpoints?

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

CallMeUp — Wed, 24 Sep 2025 17:26:34 GMT

There's only the one client. Multiple endpoints for different transactions, but all through the one client. The sporadic 401 responses seem to be distributed across all of them at approximately the same rate proportional to the number of calls being made.

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

Bhagya_pola — Wed, 24 Sep 2025 18:02:07 GMT

Then I guess there might be an issue with the token refresh timing. The 3% you mentioned could be hitting the expired token before the refresh completes.

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

CallMeUp — Wed, 24 Sep 2025 18:16:09 GMT

The strange thing is that it'll be in the middle of other successful calls.

For example, it may be fine at 12:30, 12:31, and 12:32 then get 401 at 12:33 and be fine again at 12:34. Do you think that could be what you're describing?

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

Bhagya_pola — Wed, 24 Sep 2025 18:26:00 GMT

Exactly, that is what I meant. Check your token validity and refresh timing, there might be a small gap causing those random 401.

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

rajeshjanapati — Wed, 24 Sep 2025 18:27:43 GMT

Hi @CallMeUp ,

I assume you are working on an integration from Microsoft Entra to Salesforce via Workato. Could you confirm how you have connected Microsoft Entra? Are you using a direct application connection or APIs?

If you connected to Microsoft Entra using client_id, client_secret, and tenant_id, then Workato automatically generates an access token by default. However, if Workato fails to reach Microsoft Entra due to a server or connectivity issue, it may attempt to use an expired token, resulting in errors.

An alternative approach is to generate a Microsoft access token using the login URL and implement error handling to automatically refresh the token when it expires. This ensures that only a valid token is used when hitting the API. You can achieve this either through an HTTP Request in Workato or by using python code. With this approach, you should be able to resolve the token expiry issue.

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

CallMeUp — Wed, 24 Sep 2025 18:38:58 GMT

Hi @rajeshjanapati - We're integrating between Epicor ECM and Dynamics BC, but the access control to BC is controlled by Entra.

The connection to BC is handled as you describe, using a client_id, client_secret, and tenant_id.

I apologize for my ignorance - but when attempting to configure a connection to Dynamics BC, the only connection type offered in Workato for configuration is Cloud.

Unless you're describing a change to the recipe itself, in which case, could you elaborate a bit more for me?

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

CallMeUp — Wed, 24 Sep 2025 18:40:31 GMT

Hi @Bhagya_pola - thank you for you input so far. Can you clarify where I would check this timing? I took a look through the connections and API settings, but I didn't see anything that seemed to line up with your description.

To add some context, which I gave to @rajeshjanapati as well, the specific apps being connected here are Epicor ECM and Dynamics BC.

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

rajeshjanapati — Wed, 24 Sep 2025 18:50:56 GMT

Have you implemented Error handling concept to retry the failed records when it is 401 error ??

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

CallMeUp — Wed, 24 Sep 2025 18:55:31 GMT

I did try that, however it didn't seem to make any difference.

Is there a way I can confirm where the 401 is coming from conclusively? We assume the BC/Entra side, but we can't find anything in their logs to correspond to it, so we're curious if it's perhaps something within Workato that's being interpreted as a denial.

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

rajeshjanapati — Wed, 24 Sep 2025 18:56:18 GMT

Here I have completed developed with the help of Microsoft GraphQL APIs, for generating access token need to use Microsoft login URL with token url and other stuff,

If you need i can share you the POSTMAN collection file for better understanding.

Re: Sporadic 401 Unauthorized Response - Working Fine 97% Of The Time

Bhagya_pola — Wed, 24 Sep 2025 19:02:12 GMT

Access tokens are valid for 3600 seconds (1 hour). After that, the token expires and cannot be used anymore.