
OAuth Email - Invalid User error

StaceyG
New Contributor II

We are getting the below error trying to send a test email with the OAuth email configuration. The Saviynt logs show status codes of 200 and 404. Logs are attached. I am assuming this means we've not configured the Azure side correctly; however, I don't completely understand how the UserID below is utilized.


3 REPLIES

StaceyG
New Contributor II

Saviynt logs attached here.

rushikeshvartak
All-Star

It seems to be an issue with the user and password.


Regards,
Rushikesh Vartak

Sivagami
Valued Contributor

@StaceyG - Make sure the user id field captures the UPN of the user & the email address field captures the associated email address of the user. Based on your domain AD username generation / email generation rules, UPN and email address can have different values. Please validate it once. If your domain uses the same naming convention for UPN and email address, then user id and email address can be the same.


Secondly, check the application set up in your Azure and capture the client id and tenant id from the app overview page.


Create a client secret for your application & input it in the client secret field. Steps below:

  1. Search for and select Azure Active Directory.
  2. Select App registrations and select your application from the list.
  3. Select Certificates & secrets.
  4. Select Client secrets, and then select New client secret.
  5. Provide a description of the secret, and a duration.
  6. Select Add.

Once you've saved the client secret, the value of the client secret is displayed. Copy this value because you won't be able to retrieve the key later. You'll provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it. 

Next, you need to make sure appropriate API permissions are assigned. Steps below:

  1. Search for and select Azure Active Directory.
  2. Select App registrations and select your application from the list.
  3. Select API Permissions.
  4. Select Add Permission.
  5. Add Microsoft Graph Mail related permissions to your app. Some permissions need Admin consent and hence ask the Azure admin to approve the request.


Once all these steps are done, input the appropriate values in the send email OAuth settings page & try to save and test the connection.

-Siva
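
The checks discussed in this thread, as an added example that is not part of any post above and is not Saviynt's code. It assumes the integration uses the Microsoft identity platform client-credentials flow and the Microsoft Graph `sendMail` endpoint, which the thread does not confirm; the tenant id, client id, UPN and token below are constructed sample values.

```python
import base64
import json
from urllib.parse import quote

GRAPH = "https://graph.microsoft.com/v1.0"

def jwt_claims(token):
    """Decode the payload of a JWT without verifying it (inspection only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def token_problems(token, tenant_id, client_id, role="Mail.Send"):
    """List mismatches between an app-only token and the configured values."""
    claims = jwt_claims(token)
    problems = []
    if claims.get("tid") != tenant_id:
        problems.append("token issued by a different tenant")
    if claims.get("appid", claims.get("azp")) != client_id:
        problems.append("token issued to a different client id")
    if role not in claims.get("roles", []):
        problems.append(f"{role} missing from roles (not added or no admin consent)")
    return problems

def sendmail_url(user_id):
    """Graph endpoint for sending as user_id, which must be a UPN or object id."""
    return f"{GRAPH}/users/{quote(user_id, safe='@')}/sendMail"

def explain(token_status, send_status):
    """Map the token and sendMail HTTP statuses to the likely misconfiguration."""
    if token_status != 200:
        return "token request failed: check tenant id, client id, client secret"
    return {
        202: "mail accepted",
        403: "token lacks the mail permission or admin consent",
        404: "user id does not resolve to a user in this tenant: check the UPN",
    }.get(send_status, f"unexpected status {send_status}")

def make_sample_token(claims):
    """Build an unsigned, constructed JWT so the example runs offline."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

# Constructed sample values, not taken from the thread.
TENANT = "11111111-1111-1111-1111-111111111111"
CLIENT = "22222222-2222-2222-2222-222222222222"
SAMPLE = make_sample_token({"tid": TENANT, "appid": CLIENT, "roles": ["User.Read.All"]})

if __name__ == "__main__":
    print(token_problems(SAMPLE, TENANT, CLIENT))
    print(sendmail_url("jdoe@example.com"), explain(200, 404), sep="\n")
```

Under these assumptions, a 200 followed by a 404 corresponds to a successful token request and a user id that Graph cannot resolve.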