Confused about Sharepoint Spoke setup

jw9
Tera Contributor

Hi,

 

I am trying to set up the SharePoint Spoke, but there is conflicting information about how to

 

The docs detail several steps from creating JKS-certificate to adding JWT keys and JWT provider and then creating the OAuth Profile and connection.

https://docs.servicenow.com/bundle/rome-servicenow-platform/page/administer/integrationhub-store-spokes/task/configure-ms-sharepoint.html#configure-ms-sharepoint

 

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0788079

 

This support KB article on the other hand only says to create the OAuth profile and the tenant with a different Token URL than in the docs.

 

I have tried both methods but failed to connect after following all the steps.

 

When following the KB article: Able to get the OAuth token via the Credentials form, but getting 401 - Invalid Authorization Token when actually testing the spoke.

 

When following the docs: Not able to get OAuth token via the credentials form - 

OAuth flow failed. Verify the configurations and try again. Error detail:invalid_client, AADSTS700027: Client assertion contains an invalid signature. [Reason - The key was not found., Thumbprint of key used by client: 'xxxxxxxx', Please visit the Azure Portal, Graph Explorer or directly use MS Graph to see configured keys for app Id 'xxxx'. Review the documentation at https://docs.microsoft.com/en-us/graph/deployments to determine the corresponding service endpoint and https://docs.microsoft.com/en-us/graph/api/application-get?view=graph-rest-1.0&tabs=http to build a query request URL, such as 'https://graph.microsoft.com/beta/applications/xxxx']. Trace ID: xxxx Correlation ID: xxxx Timestamp: 2022-03-23 09:00:24Z, https://login.microsoftonline.com/error?code=700027

 

 

1 ACCEPTED SOLUTION

My issue was on the Azure application side. One of the permissions in the Azure App was set up wrong. We did not have delegated and application permissions set up correctly. I think we had the application permission set up as a delegated permission.

  1. Under API Permissions, add the Microsoft Graph permission:
    1. Click Add a permission.
    2. Select Microsoft Graph.
    3. Select Delegated Permissions.
    4. From the Sites list, select Sites.ReadWrite.All permission.
    5. From the User list, select User.Read permission.
    6. Click Add permissions.
  2. Under API Permissions, add the SharePoint permission:
    1. Click Add a permission.
    2. Select SharePoint.
    3. Select Application Permissions.
    4. From the Sites list, select the Sites.FullControl.All permission.
    5. Click Add permissions.

 


15 REPLIES 15

dan167
Tera Guru

Were you able to figure this out? I am having a similar issue. I can get OAuth token but as soon as I try to test an execution it fails with Invalid Authorization Token Status code 401.

Were you able to resolve this? I am having the same issue. The connection is set up, but I am getting Invalid authorization token in the Flow Designer logs. Would you be able to help me with this, please?

 

Hello Saurav, were you able to solve it? I have the same issue.

Hello @Manisha Maurya,

Yes, we were able to resolve that. Make sure to generate the new thumbprint; the MS developer will provide it to you if he is the one who registered the application in Azure.
Once you have the thumbprint, make sure to add it to the http_connection table record, in the field "Encoded Certificate Thumbprint (Base64)".

Let me know if that resolves the issue.
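
An added example, not part of the thread and not ServiceNow or Microsoft code: AADSTS700027 in the original question means no key registered on the Azure app matches the thumbprint carried in the client assertion's `x5t` header, which is the Base64url-encoded SHA-1 certificate thumbprint, while certificate tools usually display the same value as hex. This Python sketch converts between the two forms and checks an assertion against a list of registered thumbprints. The sample thumbprint and assertion are constructed, the function names are hypothetical, and whether the ServiceNow field expects standard or URL-safe Base64 is an assumption to confirm against the spoke documentation.

```python
import base64
import json

# Constructed sample value, not taken from the thread.
SAMPLE_HEX_THUMBPRINT = "A1B2C3D4E5F60718293A4B5C6D7E8F9001122334"


def _normalize_hex(thumbprint: str) -> str:
    """Strip separators that certificate viewers add and upper-case the hex."""
    return thumbprint.replace(":", "").replace(" ", "").strip().upper()


def hex_thumbprint_to_b64(thumbprint: str, urlsafe: bool = False) -> str:
    """Encode the raw 20 SHA-1 bytes (not the hex text) as Base64."""
    raw = bytes.fromhex(_normalize_hex(thumbprint))
    if len(raw) != 20:
        raise ValueError("a SHA-1 thumbprint is 20 bytes (40 hex characters)")
    if urlsafe:  # form used in the JWT "x5t" header: URL-safe, no padding
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return base64.b64encode(raw).decode()


def _b64url_decode(segment: str) -> bytes:
    """Decode Base64 in either alphabet, with or without padding."""
    segment = segment.replace("+", "-").replace("/", "_").rstrip("=")
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def assertion_thumbprint_hex(client_assertion: str) -> str:
    """Read "x5t" from the JWT header and return it as upper-case hex."""
    header = json.loads(_b64url_decode(client_assertion.split(".")[0]))
    if "x5t" not in header:
        raise ValueError("client assertion header has no x5t parameter")
    return _b64url_decode(header["x5t"]).hex().upper()


def key_is_registered(client_assertion: str, registered_hex: list) -> bool:
    """True if the assertion's signing key is among the registered thumbprints."""
    used = assertion_thumbprint_hex(client_assertion)
    return used in {_normalize_hex(t) for t in registered_hex}


def build_sample_assertion(thumbprint: str) -> str:
    """Constructed, unsigned JWT-shaped string for the demonstration only."""
    header = {"alg": "RS256", "typ": "JWT", "x5t": hex_thumbprint_to_b64(thumbprint, True)}
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc(header)}.{enc({'aud': 'placeholder'})}.c2ln"
```

If `key_is_registered` returns False for the thumbprints listed on the app registration, the certificate that signs the assertion is not the one uploaded to Azure, which matches the "key was not found" reason in the error text.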