OAuth 2.0 Microsoft - Token error randomly

rmarkwald
Apprentice

All,

In preparation for SMTP AUTH getting turned off next year, I have set up the OAuth 2.0 (Microsoft) setting in the four Canon MFPs we currently have.  One machine, a Canon iR-ADV 529, will scan to email fine for about one week, then stops.  Remoting in shows a "token error", so we have to disable and enable the OAuth 2.0 function again, re-authenticate using the User Code, and it works...for about a week.  The other three machines do not do this and work without issue.

I know refresh tokens are valid for 90 days.  Does the MFP communicate with Office 365 before the 90-day mark to get a new token automatically, or will this require us to remote in to do these every 90 days?

Reaching out to our service vendor, they state "Not much else out there other than to redo it when it happens. I'm beginning to think it isn't a reliable service, but we have no control over it. Scan to Folder is the other option you can do."...I'm working with the remote site to further troubleshoot, but outside of this one MFP, I am starting to think something on-site could be an issue.

Danny
Moderator

Thanks for joining the conversation, rmarkwald!

While our forum community members are welcome to chime in, Canon does not provide direct support for imageRUNNER series products. Instead, your dealer will be able to help you! If you don't have a dealer and you're in the United States, please call us at 1-800-OK-CANON (1-800-652-2666) and we will be happy to provide you with the names of dealers in your area.

If you're outside the USA, visit http://global.canon and choose your country or region from the map for local support.

We hope this helps!

bugmenotcanon
Apprentice

Hi Mark,

I don't know if I've found the solution, but I think I know one or two things that might work.

  1. As you pointed out, refresh tokens are valid for 90 days, and as far as I could see, those aren't configurable.  However, I found a post on the Microsoft forums saying "... you can configure the sign-in frequency in Conditional Access to define the time periods before a user is required to sign in again." This seems to suggest a possible work-around. What I did:
    1. Go to entra.microsoft.com then Identity > Applications > Enterprise Applications
    2. Find & click "Application for Sending E-mail..." then click "Conditional Access" in the sidebar
    3. "New policy" at the top > click "0 controls" under Session > Type a name (ex: extended-login)
    4. Check Sign-in frequency > type a number and choose Days in the drop-down > click Select
    5. Click On at the bottom for "Enable policy" and then click Create
    6. In theory, now you'll just need to authenticate the printers once a year
       
  2. One of the first things I looked at was to compare OAuth Enterprise App configuration for the printers vs another app I have for OAuth for my Service Desk to send emails. When you find the printer app in sub-step 2 above, right under Conditional Access is Permissions - when you go there, there aren't any permissions listed. However, my Service Desk's KB article advised me to add the following permissions for the app. 
    However, this also has a "companion" app on portal.azure.com where I had to create a certificate that I then copied details from into the Service Desk config.  I set this cert to have a 2-year expiration.  I don't think Canon's config has anything that we can add these details to, so I'm not sure how viable this idea is, and I wasn't keen on adding permissions without verifying that they're necessary. Anyway, the permissions from the other app are shown in the table below if you want to play with them.  If I find anything else, I may update this again.

 

| API name | Claim value | Permission | Type | Granted through | Granted by |
|---|---|---|---|---|---|
| Microsoft Graph | offline_access | Maintain access to data you have given it access to | Delegated | Admin consent | An administrator |
| Microsoft Graph | User.Read | Sign in and read user profile | Delegated | Admin consent | An administrator |
| Microsoft Graph | IMAP.AccessAsUser.All | Read and write access to mailboxes via IMAP. | Delegated | Admin consent | An administrator |
| Microsoft Graph | POP.AccessAsUser.All | Read and write access to mailboxes via POP. | Delegated | Admin consent | An administrator |
| Microsoft Graph | SMTP.Send | Send emails from mailboxes using SMTP AUTH. | Delegated | Admin consent | An administrator |
| Microsoft Graph | Mail.ReadWrite | Read and write access to user mail | Delegated | Admin consent | An administrator |
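
The portal steps in the post above, expressed as a Microsoft Graph PowerShell script so the policy can be reviewed and read back. This is an added example, not part of the original post or Canon's documentation. The scan account UPN, the 365-day value, the display-name filter prefix and the scoping to a single account are assumptions, and the thread does not confirm that this policy stops the token error.

```powershell
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Applications, Microsoft.Graph.Users, Microsoft.Graph.Identity.SignIns
# Added example: scripted form of the Conditional Access steps in the post.
# Assumed placeholders: $scanAccountUpn, $days, and the display-name prefix.
$scanAccountUpn = 'scanner@example.com'   # hypothetical mailbox the MFPs send as
$days           = 365                     # assumed value for "type a number"

Connect-MgGraph -Scopes 'Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess',
                        'Application.Read.All', 'User.Read.All'

# Step 2: locate the enterprise application the printers authenticate through.
$sp = @(Get-MgServicePrincipal -Filter "startswith(displayName,'Application for Sending E-mail')")
if ($sp.Count -ne 1) {
    throw "Expected exactly one matching enterprise application, found $($sp.Count)."
}

# Scope the policy to the scan account only, so no other user's session is affected.
$user = Get-MgUser -UserId $scanAccountUpn

# Steps 3-5: session control "Sign-in frequency" in days, policy switched on.
$policy = @{
    displayName     = 'extended-login'
    state           = 'enabled'   # 'enabledForReportingButNotEnforced' is report-only
    conditions      = @{
        clientAppTypes = @('all')
        applications   = @{ includeApplications = @($sp[0].AppId) }
        users          = @{ includeUsers = @($user.Id) }
    }
    sessionControls = @{
        signInFrequency = @{
            isEnabled         = $true
            frequencyInterval = 'timeBased'
            type              = 'days'
            value             = $days
        }
    }
}
$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy

# Read the policy back to confirm what was actually stored.
$check = Get-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $created.Id
$freq  = $check.SessionControls.SignInFrequency
'{0} [{1}] sign-in frequency: {2} {3}' -f $check.DisplayName, $check.State, $freq.Value, $freq.Type
```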

 

 

 

Thank you for this information!  I do appreciate it!

Hi rmarkwald,

Did either of these solutions work for you?

I read over bugmenotcanon's post, and did not perform either option at this time.  We just did an office move and I had to re-authenticate the Canon, but it only required me to re-authenticate it one other time which was after some bad weather and the building lost power.  It seems to happen occasionally, not enough at the moment to dig further, but it is on my radar to look into more when I have time.  We still use OAuth 2.0 on it currently.

 

bend1
Apprentice

We have this exact same issue on our Canon iR-ADV C357 printers. The OAuth2.0 randomly expires. It will say "token error". The "user code" always seems to be stuck until I go into the basic settings of the printer and then go back. It happens on different printers and different address locations. To fix the token error I have to go into the printer ----> Microsoft Oauth2.0 ---> click on "Edit..." (to edit Basic settings) ----> don't change anything and click "OK" (to bring back to Oauth2.0 Microsoft main page) ---> I click "refresh icon" and then the "user code" will change ----> Then I have to reauthorize the token and activate it.

I've contacted our support rep and they said the printer's firmware is up to date and nothing much they can do. Kind of at a loss with this issue. 

 

We have exactly the same issue at one office. 3 Canon copiers, all identical models, all on the same firmware version recently updated by the vendor.

Two are good as gold, zero issues. Number 3 breaks every week.

Hi,

We definitely recommend reaching out to your dealer, because that sounds frustrating as heck! If you don't already have one, give our support team a call and they'll find one for you! 1-800-OK-CANON (1-800-652-2666), Monday to Friday, excluding holidays. 

Thanks for posting!
