The provided grant has expired due to it being revoked - Email outgoing / incoming issue

The provided grant has expired due to it being revoked - Email outgoing / incoming issue

Couple of issues related to Refresh tokens expiry 

Error trace :

Caused by: java.lang.Exception: {"error_description":"XXTTHHSS: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2023-04-21T04:53:58.1623788Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2023-06-15T11:15:43.0000000Z'.\r\nTrace ID: b360e4c1-f5c9-435b-a008-520839e40100\r\nCorrelation ID: AXVEDSDSDSDSDSDDSSFf\r\nTimestamp: 2023-07-12 05:48:55Z","error":"invalid_grant","error_uri":"https:\/\/login.microsoftonline.com\/error?code=50173"}
at com.manageengine.servicedesk.authentication.oauth.util.OauthUtil.refreshAccessToken(OauthUtil.java:247)

Solution:

Saving the outgoing settings again to resolve the issue.

b) Mail fetching stopped :

[10:26:27:332]|[08-04-2023]|[com.manageengine.servicedesk.authentication.oauth.util.OauthUtil]|[INFO]|[639]: Access Token has expired. Initiating Refresh Access Token| [10:26:28:151]|[08-04-2023]|[SYSERR]|[INFO]|[639]: java.lang.Exception: {"error":"invalid_grant","error_uri":"https:\/\/login.microsoftonline.com\/error?code=50173"}| [10:26:28:151]|[08-04-2023]|[SYSERR]|[INFO]|[639]: at com.manageengine.servicedesk.authentication.oauth.util.OauthUtil.refreshAccessToken(OauthUtil.java:286)|

Solution :

Please login to your Azure portal and click Certificates & secrets > New client secret. On the displayed page, provide a Description of the client's secret. Under Expires, choose the validity of the client secret as 24 months and click Add.

Now apply the same value under ServiceDesk Plus mail server settings.

                  New to ADSelfService Plus?

                    • Related Articles

                    • Mail fetching - deleted flag issue

                      This message will be thrown, when you have provided a shared mailbox. The concept here is, SDP MSP reads the mail from the configured mailbox and adds it as a request. During the time, if some other application fetches the mail from the same mailbox ...
                    • Mail Fetching: Inline Images Dropping Due to Invalid Extension

                      Issue: The inline image's file name from the email doesn't contain the extension. Example: filename = sys_attachment.dosys_id=5bb0751c8303b5dc96a238226daad371 As a result, the inline image gets stripped during the mail fetching process. The sender of ...
                    • Mail Fetching: Inability in Decoding 'iso-8859-8-i' Encoded Subjects Results In Mail Fetching failure

                      Issue: Mail fetching fails when the subject is encoded with 'iso-8859-8-i' due to the inability to decode the subject. This issue occurs across IMAP, POP, and EWS configurations. Issue ID: SD-120959 Error Trace for EWS: ...
                    • Troubleshooting Oauth configuration for mail server settings

                      Oauth in ServiceDesk Plus / AssetExplorer for Mail SDP supports Oauth configuration for Office365 and GSuite mailboxes since 11106 build. Office365 mailboxes can be configured with Oauth authentication using EWS (since 11106) and IMAP / SMTP (since ...
                    • List of mail fetching issues and solutions

                      Scenario 1 : Mail fetching issue due to Invalid or No PKIX certificate .   Log traces for Mail Fetching  issues Exception when connecting to store.|javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: ...