โ03-07-2024 09:22 AM
We are able to get the connection established using an authorized account, but as soon as we tried to test a recipe it would fail and break the Sharepoint connection. Some of our IT team is suspecting that it could be because MFA is required for all of our Sharepoint sites, but we arenโt sure. We also werenโt sure if we were setting it up correctly as the Workato KB article for Sharepoint is a little outdated.
The connection can be setup using an โAuthorization code grantโ or โClient credentialsโ. We have been setting it up using the โAuthorization code grantโ, but it prompts for MFA each time. I attempted to set it up using the โClient credentialsโ, but I donโt believe I have the correct โCertificateโ and โPrivate Keyโ that is required because it gives me a โnot enough dataโ error. Even if we had the correct info for this, it looks like it may still prompt for MFA as you have to sign in with Microsoft still.
Long story short, do you think MFA would be causing the connection to break as soon as we try to test the recipe?
Solved! Go to Solution.
โ03-07-2024 11:07 AM
I've had problems like this this in the past, but MFA may not be the issue.
When you authenticate a Microsoft account and give it the appropriate permissions, a long-term token (aka "authorization code") is generated for use in API authentication. For API auth, only the token is required and MFA plays no part.
First step to creating the connection is to open an incognito/private browser window. If your browser is already logged into Microsoft using another account, it will automatically authenticate using that account (kind of annoying), so incognito is a must if you want to authenticate using a different account.
When creating the connection in Workato, select "Authorization code grant" but only fill out the subdomain and then click connect. This should open the pop-up with the Microsoft login. Enter your credentials, complete the MFA, and one of three things will happen:
Hopefully this info helps.
โ03-07-2024 11:07 AM
I've had problems like this this in the past, but MFA may not be the issue.
When you authenticate a Microsoft account and give it the appropriate permissions, a long-term token (aka "authorization code") is generated for use in API authentication. For API auth, only the token is required and MFA plays no part.
First step to creating the connection is to open an incognito/private browser window. If your browser is already logged into Microsoft using another account, it will automatically authenticate using that account (kind of annoying), so incognito is a must if you want to authenticate using a different account.
When creating the connection in Workato, select "Authorization code grant" but only fill out the subdomain and then click connect. This should open the pop-up with the Microsoft login. Enter your credentials, complete the MFA, and one of three things will happen:
Hopefully this info helps.