Forbidden Request. Please Check Oauth Token and scope permission.

Alphonsa Abraha
Tera Contributor

‎01-12-2023 05:06 AM

Hello Community, 

Hope one of you can assist.  I am trying to set up the Microsoft Azure AD Spoke so that I can create users to  Azure.  

Now I am getting the following error:

Error message: Forbidden Request. Please Check Oauth Token and scope permission.

 

AlphonsaAbraha_0-1673528199245.png

These are the permissions that I selected. Could anyone know to resolve it. Any ideas would be greatly appreciated. 

 

@Ankur Bawiskar  

 

0 Helpfuls
  • 3,500 Views
7 REPLIES 7

AlekhyaD2093158
Tera Contributor
In response to Iguana

‎06-23-2025 05:51 AM

Hi, can you please brief me more on the screenshot you attached?

 

0 Helpfuls

amaury
Tera Guru

‎07-16-2025 09:50 AM

Hello,

 

This worked for me.

After configuring the "Connections" on the workflow Studio for "AzureAD".

It automatically create the "Application Registries" (table [oauth_entity]) name "Microsoft Entra ID Spoke OAuth".
The fields "Grant type" value are by default "Authorization Code", you may want to try and change the values to "Client Credentials" as attachment :

Microsoft Entra ID Spoke OAuth.png

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

For more details on the official documentation on Set up Microsoft Entra ID spoke :

  • If you want to use credentials of an Azure user to obtain the OAuth token and run all flows with that user delegation, use Authorization Code. Currently, delegation of permission to each logged in ServiceNow user isn't supported.
  • If you want to grant permission to an app instead of an individual user, change the grant type to Client Credentials. This ensures that all flows, either interactive or background, will use the app permissions to execute the flows. For more information on how to use Client Credentials, see KB0993701.

Hope it helps

 

Brandon Warren
Kilo Guru
In response to amaury

4 weeks ago

This worked for me, Thank you!

0 Helpfuls