LogoLogo
LogoLogo
  • Welcome
  • User manual
    • Windows File Explorer
    • Tray Menu
    • Preferences Menu
  • Deployment
    • System requirements
    • Security
      • Grant tenant-wide admin consent
      • Conditional Access
    • Setup
    • Configure Office 365 account
    • Software updates
  • Advanced Configuration
    • Management options
      • Settings for Intune-managed devices (Import custom ADMX- Public preview)
        • GUI settings
        • Mappings
        • System settings
      • Settings for Intune-managed devices (Legacy)
        • Intune GUI settings
        • Intune mappings
        • Intune system settings
        • Intune other settings
      • Settings via GPO
    • GUI Settings
      • Account re-authentication
      • Change KONNEKT name in explorer
      • Explorer UI
      • Hide tray icon
    • Mappings
      • Additional document libraries
      • Assign drive letters
      • Auto mapping
      • Managed mappings
      • Multi-Geo
    • System settings
      • Authentication browser engine
      • Cache settings
      • Download Directory
      • Enhanced Authentication
      • Link scope
      • Logging
      • Office365 Co-Authoring
      • Offline attribute
      • Open file size limitations
      • SharePoint throttling prevention
      • Skip Account Wizard
      • Update checker
    • Other
      • Proxy settings
      • Set license key
  • Troubleshooting
    • Access token issues
      • Error message about missing token
      • Failed to obtain access token to your OneDrive account
      • Failed to obtain access token
    • Add Share: "Key not found"
    • Clicking a share does nothing
    • Debug log preparation
    • Subscribe a subset of users
    • How to deal with error(s)
    • Empty libraries
      • All libraries are empty
      • Empty default libraries - error 404
    • Manual uninstallation
    • Opening MS Office documents display a warning message
    • Site Collections are not displayed for some users
    • Sites missing or folders empty
    • Some sites or libraries do not appear in KONNEKT
    • Slow Folder Browsing
    • Why is there a grey "X" or "brown suitcase" on my files and folders?
    • What is the maximum path and file name length?
    • How to change the tenant name
    • Failed to open Device
  • Changelog
  • Licensing
    • Azure Marketplace
  • Support
  • KONNEKT Website
Powered by GitBook
On this page
  • Problem
  • Cause
  • Workaround
  • Solution

Was this helpful?

  1. Troubleshooting
  2. Access token issues

Failed to obtain access token

Last updated 8 months ago

Was this helpful?

Problem

When you are trying to log in to KONNEKT you get the error message "Failed to obtain access token".

Cause

KONNEKT does not support having "Excluded Apps" in a MFA-requiring Microsoft Entra (Azure AD) Conditional Access policy in combination with a non-SSO Windows session.

Workaround

Our recommended workaround is to enable the Windows machine for holding a Primary Refresh Token (PRT) e.g. by Entra Join (AAD Join) or Register. Please see for details.

Other alternatives are (not really recommended):

  • Remove MFA requirement from the corresponding Conditional Access Policy. To keep some security for CA policies without MFA, you could enforce

or

  • use a Conditional Access Policy without "Excluded Apps". Please also see .

Solution

A solution was implemented in KONNEKT version 2.10 - "".

here
Trusted Locations (e.g. public IP addresses of your VDI hosts)
Conditional Access configuration
Enhanced OAuth