S2S TSGs

sbmjais · sbmjais · commit fa44970fa6c2 · 2025-05-07T17:43:41.000+05:30
diff --git a/support/sales-copilot/crm-permissions-and-configurations/access-denied-sf-ss.md b/support/sales-copilot/crm-permissions-and-configurations/access-denied-sf-ss.md
@@ -0,0 +1,53 @@
+---
+title: Access denied for this user error when accessing Salesforce with server-to-server flow
+description: Resolves an error that occurs due to invalid permissions of the connected app in Salesforce.
+ms.date: 05/12/2025
+author: sbmjais
+ms.author: shjais
+ms.custom: sap:CRM Permissions and Configurations\CRM Settings
+---
+
+# "Access denied for this user" error when accessing Salesforce with server-to-server flow
+
+This article helps you troubleshoot and resolve the "Access denied for this user" error when you access Salesforce with server-to-server flow.
+
+## Who is affected?
+
+| Requirement type |Description  |
+|---------|---------|
+|**Client app**     |  Copilot for Sales Outlook add-in        |
+|**Platform**     | Web and desktop clients         |
+|**OS**     | Windows and Mac         |
+|**Deployment**     | User managed and admin managed       |
+|**CRM**     | Salesforce        |
+|**Users**     | All users  |
+
+## Symptoms
+
+When a user tries to access Salesforce with server-to-server flow, the following error message is displayed.
+
+> Access denied for this user.
+
+The related error message reads "User doesn't have admin permission to access the connected app."
+
+## Cause
+
+During Salesforce server-to-server flow setup, a connected app is deployed to the Salesforce organization. The connected app is associated with an integration user. An access token is retrieved with the credentials of the connected app. The error occurs when the integration user is not approved to access the connected app.
+
+## Resolution
+
+To resolve this issue, you must fix the connected app configuration in Salesforce. 
+
+1. Sign in to Salesforce CRM as an administrator.
+1. Go to **Setup** > **Platform Tools** > **Apps** > **Connected Apps** > **Managed Connected Apps**.
+1. On the **Connected Apps** page, select **Copilot for Sales Connected App**.
+1. Under **Custom Connected App Handler**, ensure that the value of **Run As** is set to **Copilot for Sales Integration User**.
+1. Go to **Administration** > **Users** > **Users** and confirm that the profile of the integration user is **CopilotForSalesIntegrationProfile**.
+
+Also, check is there were unintended changes made to the connected app configuration. If yes, revert the changes to the original configuration.
+
+## More information
+
+If your issue is still unresolved, go to the [Copilot for Sales - Microsoft Community Hub](https://techcommunity.microsoft.com/t5/viva-sales/bd-p/VivaSales) to engage with our experts.
+
+[!INCLUDE [Third-party disclaimer](../../includes/third-party-disclaimer.md)]
diff --git a/support/sales-copilot/crm-permissions-and-configurations/auth-failed-sf-ss.md b/support/sales-copilot/crm-permissions-and-configurations/auth-failed-sf-ss.md
@@ -0,0 +1,47 @@
+---
+title: Server-to-server authorization failed error when accessing Salesforce with server-to-server flow
+description: Resolves an error that occurs due to invalid secret of the connected app in Salesforce.
+ms.date: 05/12/2025
+author: sbmjais
+ms.author: shjais
+ms.custom: sap:CRM Permissions and Configurations\CRM Settings
+---
+
+# "Server-to-server authorization failed" error when accessing Salesforce with server-to-server flow
+
+This article helps you troubleshoot and resolve the "Server-to-server authorization failed" error when you access Salesforce with server-to-server flow.
+
+## Who is affected?
+
+| Requirement type |Description  |
+|---------|---------|
+|**Client app**     |  Copilot for Sales Outlook add-in        |
+|**Platform**     | Web and desktop clients         |
+|**OS**     | Windows and Mac         |
+|**Deployment**     | User managed and admin managed       |
+|**CRM**     | Salesforce        |
+|**Users**     | All users  |
+
+## Symptoms
+
+When a user tries to access Salesforce with server-to-server flow, the following error message is displayed.
+
+> Server-to-server authorization failed.
+
+The related error message reads "Couldn't get client credentials to access Salesforce.".
+
+## Cause
+
+During Salesforce server-to-server flow setup, a connected app is deployed to the Salesforce organization. The connected app is associated with an integration user. An access token is retrieved with the client ID and the secret of the connected app. The error occurs when the secret is invalid.
+
+## Resolution
+
+To resolve this issue, contact Microsoft support and provide the following information:
+- If the connected app "Copilot for Sales Connected App" was updated accidentally. 
+- If the connected app is still available, get the client ID of the connected app.
+
+## More information
+
+If your issue is still unresolved, go to the [Copilot for Sales - Microsoft Community Hub](https://techcommunity.microsoft.com/t5/viva-sales/bd-p/VivaSales) to engage with our experts.
+
+[!INCLUDE [Third-party disclaimer](../../includes/third-party-disclaimer.md)]
diff --git a/support/sales-copilot/crm-permissions-and-configurations/trouble-connect-sf-ss.md b/support/sales-copilot/crm-permissions-and-configurations/trouble-connect-sf-ss.md
@@ -0,0 +1,47 @@
+---
+title: Trouble connecting to Salesforce error when accessing Salesforce with server-to-server flow
+description: Resolves an error that occurs due to invalid client ID of the connected app in Salesforce.
+ms.date: 05/12/2025
+author: sbmjais
+ms.author: shjais
+ms.custom: sap:CRM Permissions and Configurations\CRM Settings
+---
+
+# "Trouble connecting to Salesforce" error when accessing Salesforce with server-to-server flow
+
+This article helps you troubleshoot and resolve the "Trouble connecting to Salesforce" error when you access Salesforce with server-to-server flow.
+
+## Who is affected?
+
+| Requirement type |Description  |
+|---------|---------|
+|**Client app**     |  Copilot for Sales Outlook add-in        |
+|**Platform**     | Web and desktop clients         |
+|**OS**     | Windows and Mac         |
+|**Deployment**     | User managed and admin managed       |
+|**CRM**     | Salesforce        |
+|**Users**     | All users  |
+
+## Symptoms
+
+When a user tries to access Salesforce with server-to-server flow, the following error message is displayed.
+
+> Trouble connecting to Salesforce.
+
+The related error message reads "Couldn't get Client ID for access token retrieval from Salesforce. The connected app might be misconfigured.".
+
+## Cause
+
+During Salesforce server-to-server flow setup, a connected app is deployed to the Salesforce organization. The connected app is associated with an integration user. An access token is retrieved with the client ID and the secret of the connected app. The error occurs when the client ID is invalid.
+
+## Resolution
+
+To resolve this issue, contact Microsoft support and provide the following information:
+- If the connected app "Copilot for Sales Connected App" was deleted accidentally. 
+- If the connected app is still available, get the client ID of the connected app.
+
+## More information
+
+If your issue is still unresolved, go to the [Copilot for Sales - Microsoft Community Hub](https://techcommunity.microsoft.com/t5/viva-sales/bd-p/VivaSales) to engage with our experts.
+
+[!INCLUDE [Third-party disclaimer](../../includes/third-party-disclaimer.md)]
diff --git a/support/sales-copilot/toc.yml b/support/sales-copilot/toc.yml
@@ -2,8 +2,10 @@
   href: welcome-sales-copilot.yml
 - name: CRM permissions and configurations
   items:
+    - name: '"Access denied for this user" error'
+      href: crm-permissions-and-configurations/access-denied-sf-ss.md
     - name: '"Align missing fields" error'
-      href: crm-permissions-and-configurations/align-missing-fields-error.md        
+      href: crm-permissions-and-configurations/align-missing-fields-error.md      
     - name: Can't update records due to missing record access in Salesforce CRM
       href: crm-permissions-and-configurations/missing-record-update-edit-access.md
     - name: Can't update records due to missing object access in Salesforce CRM
@@ -24,8 +26,12 @@
       href: crm-permissions-and-configurations/no-column-error.md
     - name: Salesforce CRM users can't view, edit, or save data in Copilot for Sales
       href: crm-permissions-and-configurations/salesforce-permission-error.md
+    - name: '"Server-to-server authorization failed" error'
+      href: crm-permissions-and-configurations/auth-failed-sf-ss.md
     - name: '"This contact already exists" error when creating a CRM record'
       href: crm-permissions-and-configurations/duplicate-record-error.md
+    - name: '"Trouble connecting to Salesforce" error'
+      href: crm-permissions-and-configurations/trouble-connect-sf-ss.md
     - name: You don't have permission for this error
       href: crm-permissions-and-configurations/no-admin-exists-error.md
 - name: Outlook side panel
