Jira Mail Handler and Service Management Mail Handler cannot be configured using Oauth 2.0, due to Microsoft License issue

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

    

Summary

Both types of mail handlers (Jira and Service Management) can't be configured with a Microsoft Mailbox (shared or non shared) using the Oauth 2.0 authentication:

  • Configuring a Jira Service Management (JSM) Mail Handler for a Service Management project via the page Project Settings > Email Request fails while using the authorize button with the Oauth 2.0 authentication
  • Configuring a Jira Mail Server in ⚙ > System > Incoming Mail fails during the Test Connection step


Environment

Jira Service Management 4.10.0 / Jira 8.10.0 and higher, integrated with Office 365 or Microsoft Exchange

Diagnosis

  • An Oauth 2.0 integration was configured in ⚙ > System > Oauth 2.0, with the same scopes as the ones mentioned in Integrating with Oauth 2.0, and the connection test was successful
  • When trying to configure a JSM Mail Handler via the page Project Settings > Email Request,

    • the following error is thrown in the UI

      Here's the error we received: "OAuth token not defined for connection. OAuth Authorisation required."


    • the following error is thrown in the Jira Incoming Mail Logs

      2021-11-22 12:22:32,914+0100 ERROR [] https-jsse-nio-8443-exec-5 julien 742x19484x1 1nxdphq 127.0.0.1 /rest/servicedesk/1/servicedesk/admin/email/test Unable to connect to the server at outlook.office365.com due to the following exception:
com.atlassian.jira.internal.mail.processor.errors.MailConnectionException: OAuth token not defined for connection. OAuth Authorisation required.
	at com.atlassian.jira.internal.mail.processor.feature.channel.connectionverifier.DefaultChannelConnectionVerifier.verifyConnectionDefinition(DefaultChannelConnectionVerifier.java:76) [?:?]
	at com.atlassian.jira.internal.mail.processor.feature.channel.connectionverifier.DefaultChannelConnectionVerifier.verifyConnectionDefinition(DefaultChannelConnectionVerifier.java:58) [?:?]
	at jdk.internal.reflect.GeneratedMethodAccessor3792.invoke(Unknown Source) [?:?]
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [?:?]

  • Note that when trying to configure the same mailbox in Project Settings > Email Requests, but this time with Basic Authentication (using the mailbox password), a different error is thrown:

    We couldn't connect to your mail server

JIRA couldn't open the folder 'inbox' at outlook.office365.com. Check and make sure the folder name is correct and try again. Check out our troubleshooting docs for help resolving the issue.



  • When trying to configure a Jira Mail Server with Oauth 2.0 in ⚙ > System > Incoming Mails 
    • Clicking on the Authorize button leads to a successful result
    • Clicking on the Test Connection button leads to an error thrown in the UI

    • The following error is thrown in the Jira logs

      2021-12-08 11:16:58,578+0100 https-jsse-nio-8443-exec-21 ERROR julien 676x39887x1 9qaxhs 127.0.0.1 /secure/admin/VerifyPopServerConnection!add.jspa [c.a.j.p.mail.webwork.VerifyMailServer] Unable to connect to the server at outlook.office365.com due to the following exception: javax.mail.AuthenticationFailedException: AUTHENTICATE failed.
  • When logging directly into the mailbox in Microsoft Outlook (https://outlook.office.com/mail/inbox), the following error is thrown in the UI:

    • Error:

      UTC Date: 2021-12-08T09:50:21.069Z
BootResult: configuration
Client Id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Session Id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX
Client Version: 20211129004.15
err: Microsoft.Exchange.Clients.Owa2.Server.Core.OwaUserHasNoMailboxAndNoLicenseAssignedException
esrc: StartupData
et: ServerError
estack: Error: 500
    at i (https://outlook.office.com/mail/inbox/:363:209906)
    at https://outlook.office.com/mail/inbox/:363:147412
st: 500
ehk: X-OWA-Error
efe: CY4PR16CA0042, AS8P250CA0011
ebe: CY4PR10MB1639
emsg: UserHasNoMailboxAndNoLicenseAssignedError
    • Screenshot of the error:



Cause

There is no license provided for the Microsoft account to access the mailbox that belongs to this account.

Solution

Reach out to your Microsoft Administration team to grant the account a license allowing to access the mailbox.

One way to grant a license to the account is to go to the Azure Admin portal, as explained in Assign or remove licenses in the Azure Active Directory portal. Basically, what your admin user can do is:

  • Log into https://portal.azure.com/ as an Admin user
  • Go to Users and click on the account that needs a license
  • After that, click on on Licenses > Assignments 



Last modified on Dec 8, 2021

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.