![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 32%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Microsoft 365 and Office | Other
Miscellaneous topics that do not fit into specific categories.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 92%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
The error indicates a broken or invalid connection during deployment. For HTTP with Microsoft Entra ID (preauthorized), the failure to “Create and authorize OAuth connection” typically aligns with the generic broken-connection causes described for Power Automate connections.
Based on the documented patterns, check the following in the Test environment and for the account used to create the connection:
- Verify the account is valid and enabled
- Ensure the user/service account that owns or is used to create the HTTP with Microsoft Entra ID connection in Test is not deleted or disabled in Microsoft Entra ID.
- If the original connection owner account was deleted/disabled, another user with access must reauthorize or recreate the connection so ownership is updated and flows can run again.
- Check for password or credential changes
- If the account’s password was changed or reset since the original connection was created in DEV, existing tokens are invalid.
- In that case, edit the connection or create a new one in the Test environment using the updated credentials.
- If password changes are frequent, consider using a service principal–based connection instead of a user account.
- Confirm Microsoft Entra ID configuration and policies
- If conditional access, MFA, or other security policies were changed between DEV and Test (or for the account), tokens may be blocked and the connection creation will fail.
- Coordinate with the tenant administrator to verify no new policies are preventing OAuth token issuance for the connector in the Test environment, and reauthorize after any policy adjustments.
- Check if the application/service principal is disabled
- If the underlying app registration or service principal used by the connector has been disabled or a related subscription lapsed, token issuance will fail.
- Ask the tenant administrator to confirm the app is enabled; if it was disabled, it must be reenabled or a new service principal connection created.
- Recreate the connection in Test with correct identity
- In the Test environment, explicitly create a fresh HTTP with Microsoft Entra ID (preauthorized) connection using an account or service principal that:
- Exists and is enabled in the directory.
- Has not had its password/token invalidated without reauth.
- Is not blocked by new Entra ID policies.
- In the Test environment, explicitly create a fresh HTTP with Microsoft Entra ID (preauthorized) connection using an account or service principal that:
If the connection still cannot be created after these checks, involve the tenant administrator to review Entra ID sign-in logs and app status, focusing on token issuance failures or blocked sign-ins for the connector during the deployment attempt.
References: