Skip to main content
Kofax

Configuring MS Graph import source to use oAuth server

Article # 3038281 - Page views: 95

Issue

When configuring an MS Graph import source in TotalAgility (KTA), we choose an oAuth server
However, the oAuth server has not been authenticated with the same user that we are configuring the MS Graph Import source for we get the error:
“The specified object was not found in the store., The process failed to get the correct properties.”

Cause

OAuth 2.0 Authorization Code Grant is user specific.
If a KTA oAuth server is configured for UserA with Authorization Code grant, then this KTA oAuth server can be used inside an Import Connector only with UserA.

This behavior is by-design with OAuth 2.0 standards. Here, when you create a KTA oAuth server using Authorization Code grant for UserA, the oAuth token that Azure AD server generates and gives back to KTA is just for UserA.

You cannot use this token (inside a KTA Import connector) with any other user other than UserA.

Solution

If you want a general KTA oAuth server which can be used with any user inside Import Connectors, please consider using Client Credentials grant.

Please note that API permissions inside Azure Portal are different for Authorization Code grant and Client credentials grant, which you have to request your Azure tenant admin to configure accordingly. Check permissions in the Administrator's GuidePermissions for OAuth section

The scope when using Client Credentials is - https://graph.microsoft.com/.default

Level of Complexity 

Moderate

Applies to  

Product Version Build Environment Hardware
TotalAgility v7.9 +      

References

 

 

Article # 3038281
  • Was this article helpful?