Workspace 365

It may happen that you cannot log into Workspace anymore due to one of the oAuth2 error messages described below. In this article, we explain how to fix this issue.

"Sorry, we weren't able to retrieve an OAuth token from the authority server"

Explanation: this error message is due to an expired client secret or the oAuth2 token has been expired or deleted.

Solution: you will need to create a new client secret and set up SSO for your Workspace environment. To fix this issue, follow the steps below:

Go to your Workspace SSO App Registration in Microsoft Entra ID (previously called Azure AD).

- Tip: You can set the <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175372" rel="nofollow noopener noreferrer" target="_blank">expiration date</a> on 99 years.
- After creation, make sure to copy the key (value)! You can use this key in the next step.

<a href="https://intercom-help.eu/workspace-365-eu/en/articles/175614" rel="nofollow noopener noreferrer" target="_blank">Request Emergency Access</a> for the admin account and follow the steps provided to update the key in the <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175372" rel="nofollow noopener noreferrer" target="_blank">SSO setup</a> for your Workspace.

1. Go to your Workspace SSO App Registration in Microsoft Entra ID (previously called Azure AD).
2. Navigate to Certificates &amp; Secrets.
3. Create a new Client Secret.
 
 - Tip: You can set the <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175372" rel="nofollow noopener noreferrer" target="_blank">expiration date</a> on 99 years.
 - After creation, make sure to copy the key (value)! You can use this key in the next step.
4. <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175614" rel="nofollow noopener noreferrer" target="_blank">Request Emergency Access</a> for the admin account and follow the steps provided to update the key in the <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175372" rel="nofollow noopener noreferrer" target="_blank">SSO setup</a> for your Workspace.

___________________________________________________________

Explanation: we automatically fetch the first domain available in the tenant. It could happen that this is an old or strange domain to you, not used as default domain for the tenant or e.g. accidentally deleted the secret key for the SSO application in Microsoft Entra ID (previously called Azure AD).

Update this domain by updating the authority property in the SSO Settings in Workspace. This can be found under the <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175372" rel="nofollow noopener noreferrer" target="_blank">manual</a><a href="https://intercom-help.eu/workspace-365-eu/en/articles/175372" rel="nofollow noopener noreferrer" target="_blank"> setup</a> of SSO.

Do issues still persists? <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175614" rel="nofollow noopener noreferrer" target="_blank">Request emergency access</a> for the admin account and follow the steps to update the Workspace SSO App Registration in Microsoft Entra ID, or if needed, recreate it.

1. Update this domain by updating the authority property in the SSO Settings in Workspace. This can be found under the <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175372" rel="nofollow noopener noreferrer" target="_blank">manual</a><a href="https://intercom-help.eu/workspace-365-eu/en/articles/175372" rel="nofollow noopener noreferrer" target="_blank"> setup</a> of SSO.
2. Do issues still persists? <a href="https://intercom-help.eu/workspace-365-eu/en/articles/175614" rel="nofollow noopener noreferrer" target="_blank">Request emergency access</a> for the admin account and follow the steps to update the Workspace SSO App Registration in Microsoft Entra ID, or if needed, recreate it.

Overview

Error messages & Solutions

"Sorry, we weren't able to retrieve an OAuth token from the authority server"

Redirected to a "strange domain"