Skip to main content

Hi everyone,

 

I have a bot that is run regularly (several times a day) and uploads/downloads some files from a Sharepoint site.

It suddenly stopped working with the error message 

Status: 401 

Details: {"error":"invalid_request","error_description":"Token type is not allowed."}

 

Did anyone ever faced this error ? I have not changed anything on my side

EDIT : there was a change on the Sharepoint admin side regarding MFA, it was not directly related with AA.

That’s an interesting question, Augustin !

I think the following community members may be able to help 

@Marc Mueller 

@Vatsy 

@Zaid Chougle 

@Tamil Arasu10 

@madhu subbegowda 

@jackson 

@HARUN KUMAR 

@NewTushitha 

@Sridhar Yadlapalli 

Hi ​@Augustin 

 

Yes, the error you're seeing — 401 Unauthorized with the message "error":"invalid_request","error_description":"Token type is not allowed." — typically happens when:

  1. The access token used by your bot is no longer valid for authentication, likely due to a change in authentication policy.

  2. Token type mismatch: The token you're sending is not accepted by SharePoint anymore (e.g., sending a bearer token intended for user-based authentication instead of an app-only token).

  3. Recent MFA enforcement has changed how your bot must authenticate.

 

Try This:

Switch to App-only authentication using Client Credentials Flow:

  • Register an Azure AD App.

  • Grant Sites.ReadWrite.All API permission.

  • Use client_id, client_secret, and tenant_id to get a token.

  • Use this token to access SharePoint.

This approach bypasses MFA and is ideal for background services.

 

Best Regards,

Sridhar

@Augustin have you been able to solve this issue? If ​@Sridhar Yadlapalli’s answer helped, feel free to tag it as best answer

@Augustin have you been able to solve this issue? If ​@Sridhar Yadlapalli’s answer helped, feel free to tag it as best answer

Hi Shreya, it was a problem with my customer, not with AA itself.

Reply


Terms & ConditionsCookie settings