|
| 1 | +--- |
| 2 | +title: Server-to-server authentication failed error when accessing Salesforce with server-to-server flow |
| 3 | +description: Resolves an error that occurs due to misconfiguration of the connected app and integration user in Salesforce. |
| 4 | +ms.date: 05/12/2025 |
| 5 | +author: sbmjais |
| 6 | +ms.author: shjais |
| 7 | +ms.custom: sap:CRM Permissions and Configurations\CRM Settings |
| 8 | +--- |
| 9 | + |
| 10 | +# "Server-to-server authentication failed" error when accessing Salesforce with server-to-server flow |
| 11 | + |
| 12 | +This article helps you troubleshoot and resolve the "Server-to-server authentication failed" error when you access Salesforce with server-to-server flow. |
| 13 | + |
| 14 | +## Who is affected? |
| 15 | + |
| 16 | +| Requirement type |Description | |
| 17 | +|---------|---------| |
| 18 | +|**Client app** | Copilot for Sales Outlook add-in | |
| 19 | +|**Platform** | Web and desktop clients | |
| 20 | +|**OS** | Windows and Mac | |
| 21 | +|**Deployment** | User managed and admin managed | |
| 22 | +|**CRM** | Salesforce | |
| 23 | +|**Users** | All users | |
| 24 | + |
| 25 | +## Symptoms |
| 26 | + |
| 27 | +When a user tries to access Salesforce with server-to-server flow, the following error message is displayed. |
| 28 | + |
| 29 | +> Server-to-server authentication failed. |
| 30 | +
|
| 31 | +The related error message can be one of the following: |
| 32 | +- Client credentials flow is disabled in Salesforce. |
| 33 | +- Couldn't get access token for client credentials flow in Salesforce. |
| 34 | + |
| 35 | +## Cause |
| 36 | + |
| 37 | +During Salesforce server-to-server flow setup, a connected app is deployed to the Salesforce organization. The connected app is associated with an integration user. An access token is retrieved with the credentials of the connected app. The error occurs when the connected app or the integration user is misconfigured. |
| 38 | + |
| 39 | +## Resolution |
| 40 | + |
| 41 | +To resolve this issue, you must fix the connected app and integration user configuration in Salesforce. |
| 42 | + |
| 43 | +1. Sign in to Salesforce CRM as an administrator. |
| 44 | +1. Go to **Setup** > **Platform Tools** > **Apps** > **App Manager**. |
| 45 | +1. On **Copilot for Sales Connected App** row, select the down arrow, and then select **Edit**. |
| 46 | +1. Under **API (Enable OAuth Settings)**, ensure that **Enable Client Credentials Flow** is selected. |
| 47 | +1. Go to **Apps** > **Connected Apps** > **Managed Connected Apps**. |
| 48 | +1. On the **Connected Apps** page, select **Copilot for Sales Connected App**. |
| 49 | +1. Under **Custom Connected App Handler**, ensure that the value of **Run As** is set to **Copilot for Sales Integration User**. |
| 50 | +1. Open user details for the **Copilot for Sales Integration User** user and confirm the following: |
| 51 | + 1. Profile of the integration user is **CopilotForSalesIntegrationProfile**. |
| 52 | + 1. User is associated with **Copilot for Sales connected app permission set** permission set. |
| 53 | + 1. User is associated with **Salesforce API Integration** permission set license assignments. |
| 54 | + |
| 55 | +Also, check is there were unintended changes made to the connected app or integration user configuration. If yes, revert the changes to the original configuration. |
| 56 | + |
| 57 | +## More information |
| 58 | + |
| 59 | +If your issue is still unresolved, go to the [Copilot for Sales - Microsoft Community Hub](https://techcommunity.microsoft.com/t5/viva-sales/bd-p/VivaSales) to engage with our experts. |
| 60 | + |
| 61 | +[!INCLUDE [Third-party disclaimer](../../includes/third-party-disclaimer.md)] |
0 commit comments