OAuth flow failed. Verify the configurations and try again. Error detail:invalid_request, Missing parameters: access_token error

Question

OAuth flow failed. Verify the configurations and try again. Error detail:invalid_request, Missing parameters: access_token while trying to integrate servicenow with MS Teams

Answer 1

Hello Vibhor Agarwal,
The error invalid_request: Missing parameters: access_token indicates that the OAuth flow is breaking during the token exchange step, not during authentication or permissions validation. In the Microsoft Teams–ServiceNow integration, this means authentication likely succeeded, but the system failed to return a valid access_token in the expected format.

This issue is almost always caused by a misconfiguration in the OAuth flow, not secrets or permissions. The integration requires a strict OAuth 2.0 authorization code flow, where ServiceNow must authenticate the user, exchange the authorization code, and return a properly structured JSON response containing access_token.

The most common causes include:

• Incorrect grant type (must be authorization_code)

Token endpoint not returning access_token (or returning it incorrectly)

• Redirect URI mismatch between Teams and ServiceNow

Using the wrong endpoint (authorize instead of token endpoint)

• Returning URL-encoded response instead of JSON

Reference Document-
https://learn.microsoft.com/en-us/connectors/custom-connectors/troubleshoot-oauth2#troubleshoot-the-oauth-flow

Answer 2

Hello Vibhor Agarwal
Thank you for posting question to Microsoft Q&A Forum.

This error usually indicates that the OAuth flow completed, but the access token was not received or not passed correctly to the protected endpoint.

Before reviewing any custom code, could you please confirm:

-Which OAuth grant type is being used?

-Whether the token response includes an access_token field

-How the access token is passed in the request (Authorization header vs parameter)

-Whether re‑issuing the token from System OAuth → Manage Tokens has been tested

If you are using custom scripting or a custom connector and the issue persists after these checks, please share only the relevant token‑handling portion (no secrets) and brief explanation about your code.
Please review the suggestions from Q&A Assist as well. As this is third-party integration, I will try my best to assist - please send me the portion via private message.

I am looking forward to your response.

---

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 3

The error invalid_request, Missing parameters: access_token indicates that the OAuth flow completed incorrectly and the API call to ServiceNow (or to the Teams-side integration) is being made without including the access_token parameter or header that the endpoint expects.

Use the following checks and fixes:

1. Verify the OAuth flow end-to-end outside Teams
   • Before wiring into Teams, validate the ServiceNow OAuth flow with a tool such as Postman:
     1. Call the OAuth token endpoint with the same client ID, client secret, and other parameters that the Teams/ServiceNow integration will use.
     2. Confirm the token endpoint returns an access token (and refresh token if applicable).
     3. Call the ServiceNow API using that access token and verify the call succeeds.
     4. If using refresh tokens, call the refresh endpoint and confirm a new access token is returned and works.
   • If any of these steps fail, fix the OAuth configuration (URLs, client ID/secret, scopes) before returning to the Teams integration.
2. Ensure the access token is sent correctly in API calls
   • When calling the ServiceNow API (or any protected API) from the bot/Teams app, the access token must be included in the Authorization header:
     • Authorization: Bearer <access_token>
   • If the endpoint expects the token as a parameter and not a header, ensure the parameter name and placement match the ServiceNow OAuth/API specification.
   • The error message explicitly says Missing parameters: access_token, which means the endpoint did not receive the token in the expected place.
3. Check OAuth configuration for the connector/app
   • For custom connectors or integrations:
     • Confirm the token URL and (if used) refresh URL are correct and match what was tested in Postman.
     • Confirm the client ID and client secret configured in the connector match those used in successful Postman tests.
     • Ensure the grant type used supports access and refresh tokens (Authorization Code or On-Behalf-Of; not implicit or client credentials if refresh tokens are required for the connector scenario).
4. Handle token and permission errors in the Teams app
   • In a Teams app or bot using OAuth:
     • Implement error handling for missing, expired, or invalid tokens.
     • If a 401/403 is returned from ServiceNow, re-initiate the sign-in flow so a fresh access token is obtained and then re-send the request with the new token.
     • Verify that all required scopes/roles are granted on the ServiceNow side so the token is valid for the requested API.
5. ServiceNow-specific OAuth checks
   • For ServiceNow OAuth 2.0 (client credentials flow example):
     • Confirm the client ID and secret are correct and that the OAuth Application User is configured.
     • Ensure the correct OAuth API endpoint for external clients is used as the token endpoint.
     • If the token endpoint itself fails, fix that first before troubleshooting the Teams side.

Once the token endpoint is returning a valid access token and the bot/connector is sending that token in the Authorization: Bearer header (or as the documented access_token parameter), the Missing parameters: access_token error should no longer occur.

---

References:

• Troubleshoot OAuth configuration
• Verifying OAUTH configuration for Custom Connectors
• ServiceNow data connector
• Enable OAuth authentication for API based message extension