AADSTS70008: The provided authorization code or refresh token has expired due to inactivity

Question

AADSTS70008: The provided authorization code or refresh token has expired due to inactivity

Maxine Widemann 36

Hi,

I am trying to set up an API connection with Microsoft Graph in order to automate our employee onboarding process (i.e. create a user in microsoft 365). After registering the app and defining the permissions, I am stuck at the authorization and authentication step.

Namely, when sending an interactive authentication request, I obtain a code which I then use to request an acces token. However, I directly get the following error message:
AADSTS70008: The provided authorization code or refresh token has expired due to inactivity. Send a new interactive authorization request for this user and resource.

How is it possible when I have just created the app and not been able to obtain a token yet?

Any help is appreciated !

Maxine

CarlZhao-MSFT 46,376 Reputation points

2021-11-25T01:46:08.353+00:00

Hi @Maxine Widemann

Did you send a new interactive authorization request? Still reporting an error?
Maxine Widemann 36 Reputation points

2021-11-25T08:29:34.293+00:00

Hi, thank you for your answer. We have sent multiple authorization requests and it is still reporting an expiration error unfortunately. I have also tried creating a completely new app but the same error occurs...
CarlZhao-MSFT 46,376 Reputation points

2021-11-25T08:37:50.527+00:00

Can you get the authorization code?
CarlZhao-MSFT 46,376 Reputation points

2021-11-25T08:41:51.077+00:00

Hi @Maxine Widemann

Can you share your operation process?
Maxine Widemann 36 Reputation points

2021-11-25T08:51:42.537+00:00

We are creating an action flow in Integromat (celonis).

This is the http request and the repsonse:
CarlZhao-MSFT 46,376 Reputation points

2021-11-25T09:29:36.987+00:00

I'm not sure if it is related to the api tool, can you use postman to test it?
Maxine Widemann 36 Reputation points

2021-11-25T16:24:42.997+00:00

Hi, I tried to obtain the access token with postman and it worked. However, when trying to create a user as follows, I get a 'Insufficient privileges to complete the operation.' error:

When I check the details of the token on https://jwt.ms/ , all the necessary permissions are listed in the scope, so I do not know what is going wrong.

Thanks again for your help!
CarlZhao-MSFT 46,376 Reputation points

2021-11-26T01:51:31.707+00:00

This is because your user is not an administrator. When creating a user, make sure that the user you log in is at least granted the role of user administrator.
CarlZhao-MSFT 46,376 Reputation points

2021-11-26T02:02:04.89+00:00

Hi @Maxine Widemann

I updated the answer.

Accepted answer

0 additional answers

Your answer

CarlZhao-MSFT 46,376 Reputation points

2021-11-25T01:46:08.353+00:00

Hi @Maxine Widemann

Did you send a new interactive authorization request? Still reporting an error?
Maxine Widemann 36 Reputation points

2021-11-25T08:29:34.293+00:00

Hi, thank you for your answer. We have sent multiple authorization requests and it is still reporting an expiration error unfortunately. I have also tried creating a completely new app but the same error occurs...
CarlZhao-MSFT 46,376 Reputation points

2021-11-25T08:37:50.527+00:00

Can you get the authorization code?
CarlZhao-MSFT 46,376 Reputation points

2021-11-25T08:41:51.077+00:00

Hi @Maxine Widemann

Can you share your operation process?
Maxine Widemann 36 Reputation points

2021-11-25T08:51:42.537+00:00

We are creating an action flow in Integromat (celonis).

This is the http request and the repsonse:
CarlZhao-MSFT 46,376 Reputation points

2021-11-25T09:29:36.987+00:00

I'm not sure if it is related to the api tool, can you use postman to test it?
Maxine Widemann 36 Reputation points

2021-11-25T16:24:42.997+00:00

Hi, I tried to obtain the access token with postman and it worked. However, when trying to create a user as follows, I get a 'Insufficient privileges to complete the operation.' error:

When I check the details of the token on https://jwt.ms/ , all the necessary permissions are listed in the scope, so I do not know what is going wrong.

Thanks again for your help!
CarlZhao-MSFT 46,376 Reputation points

2021-11-26T01:51:31.707+00:00

This is because your user is not an administrator. When creating a user, make sure that the user you log in is at least granted the role of user administrator.
CarlZhao-MSFT 46,376 Reputation points

2021-11-26T02:02:04.89+00:00

Hi @Maxine Widemann

I updated the answer.

Answer 1

Hi @Maxine Widemann

1.This is an error caused by the api tool, you can switch to postman to get the token.

2.When creating a user, you must ensure that the user you log in is granted at least the role of user administrator.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Share via

AADSTS70008: The provided authorization code or refresh token has expired due to inactivity

0 additional answers

Your answer