The CreatorCon Call for Content is officially open! Get started here.

Cancelled : Initiated by user doesn't have a valid access token

Brian77
Tera Expert

‎09-08-2023 11:06 AM

We just activated the IT Service Management for Microsoft Teams in production this week, and noticed that the auto-import flow was cancelled and auto-import set to false on a chat record. 

 

It was created without issue, but upon reassignment of the incident, the OOTB business rule Add User to Chat on reassignment updated the initiated_by on the sn_tcm_collab_hook_ms_teams_chat record to another user. 

 

Then, next time the Auto Import Messages Subflow ran, it was cancelled and auto-import set to false, citing the error "Initiated by user doesn't have a valid access token"

Brian77_0-1694195851841.png

 

I think I've tracked down the source of this error to the script include MSTeamsAutoImportChatHelperSNC which contains a function importMessagesOfRecord with the following code

var hasValidToken = new sn_tcm_collab_hook.MSTeamsCredentialsHelper().isAccessTokenOrRefreshTokenAvailable();
                if (!hasValidToken) {
                    this.MSTEAMSCHATUTIL.postMessagetoActivityStream(chat_GR.source_table, chat_GR.source, gs.getMessage("{0}Messages will not be auto imported as {1} doesn't have a valid teams token.", ['[code]', this.MSTEAMSIMPORTCHATUTIL.getUserNameSpan(gs.getUserDisplayName())]));
                    this.emptyChatRecordImportValues(chat_GR, true);
                    this.MSTEAMSIMPORTCHATUTIL.cancelSubFlow(executionId, gs.getMessage("Initiated by user doesn't have a valid access token"));
                    return;
                }

MSTeamsCredentialsHelper().isAccessTokenOrRefreshTokenAvailable() eventually calls getUserCredential() which attempts to lookup the oauth requestor profile from oauth_requestor_profile

getUserCredential: function() {
        // Mapping record is created if not exists;
        var credentialGr = new sn_now_azure.MSAzureUserUtils().getAzureMappingGr(true);
        var requestorProfileGr = new GlideRecord(this.TABLES.OAUTH_REQUESTOR_PROFILE);
        requestorProfileGr.addQuery(this.FIELDS.REQ_CONTEXT, this.DEFAULT_REQUESTOR_CONEXT);
        requestorProfileGr.addQuery(this.FIELDS.REQ_ID, credentialGr.getUniqueValue());
        requestorProfileGr.query();
        requestorProfileGr.next();
        this.requestorProfile = requestorProfileGr.getUniqueValue();
        this.requestorId = credentialGr.getUniqueValue();
    },

I confirmed the user does have a valid record on sn_now_azure_user, which is used to populate this.FIELDS.REQ_ID in the above query, so the issue seems to be related to the fact that this query couldn't locate a record on oauth_requestor_profile for the user. 

 

Why would a record be created on sn_now_azure_user for this user, but not oauth_requestor_profile?

0 Helpfuls
  • 875 Views
2 REPLIES 2

KumarC
Tera Contributor

‎02-06-2024 09:50 PM

Hi Brian,

You got any solution for this please?

Thank you!!

0 Helpfuls

yoga1
Tera Contributor

‎06-25-2024 09:52 AM

Any update on this? we do have same problem 

 

0 Helpfuls