Jira Mail Handler and Service Management Mail Handler cannot be configured using Oauth 2.0

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Both types of mail handlers (Jira and Service Management) can't be configured with a Microsoft Mailbox (shared or non shared) using the Oauth 2.0 authentication:

  • Configuring a Jira Service Management (JSM) Mail Handler for a Service Management project via the page Project Settings > Email Request fails while using the authorize button with the Oauth 2.0 authentication

  • Configuring a Jira Mail Server in ⚙ > System > Incoming Mail fails during the Test Connection step

Environment

Jira Service Management 4.10.0 / Jira 8.10.0 and higher, integrated with Office 365 or Microsoft Exchange

Diagnosis

  • An Oauth 2.0 integration was configured in ⚙ > System > Oauth 2.0, with the same scopes as the ones mentioned inIntegrating with Oauth 2.0, and the connection test was successful.

  • When trying to configure a JSM Mail Handler via the page Project Settings > Email Request, the following error is thrown in the UI

    • 1 Here's the error we received: "OAuth token not defined for connection. OAuth Authorisation required."

  • the following error is thrown in the Jira Incoming Mail Logs

  • 1 2 3 4 5 6 2021-11-22 12:22:32,914+0100 ERROR [] https-jsse-nio-8443-exec-5 julien 742x19484x1 1nxdphq 127.0.0.1 /rest/servicedesk/1/servicedesk/admin/email/test Unable to connect to the server at outlook.office365.com due to the following exception: com.atlassian.jira.internal.mail.processor.errors.MailConnectionException: OAuth token not defined for connection. OAuth Authorisation required. at com.atlassian.jira.internal.mail.processor.feature.channel.connectionverifier.DefaultChannelConnectionVerifier.verifyConnectionDefinition(DefaultChannelConnectionVerifier.java:76) [?:?] at com.atlassian.jira.internal.mail.processor.feature.channel.connectionverifier.DefaultChannelConnectionVerifier.verifyConnectionDefinition(DefaultChannelConnectionVerifier.java:58) [?:?] at jdk.internal.reflect.GeneratedMethodAccessor3792.invoke(Unknown Source) [?:?] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [?:?]

Note that when trying to configure the same mailbox in Project Settings > Email Requests, but this time with Basic Authentication (using the mailbox password), a different error is thrown:

1 2 3 We couldn't connect to your mail server JIRA couldn't open the folder 'inbox' at outlook.office365.com. Check and make sure the folder name is correct and try again. Check out our troubleshooting docs for help resolving the issue.

  • When trying to configure a Jira Mail Server with Oauth 2.0 in ⚙ > System > Incoming Mails

    • Clicking on the Authorize button leads to a successful result ("Authorization has successfully completed.")

    • Clicking on the Test Connection button leads to an error thrown in the UI:

      1 2 Unfortunately no connection was possible. Review the errors below and rectify: • AuthenticationFailedException: AUTHENTICATE failed.

  • The following error is thrown in the Jira logs

1 2021-12-08 11:16:58,578+0100 https-jsse-nio-8443-exec-21 ERROR julien 676x39887x1 9qaxhs 127.0.0.1 /secure/admin/VerifyPopServerConnection!add.jspa [c.a.j.p.mail.webwork.VerifyMailServer] Unable to connect to the server at outlook.office365.com due to the following exception: javax.mail.AuthenticationFailedException: AUTHENTICATE failed.

  • When logging directly into the mailbox in Microsoft Outlook (https://outlook.office.com/mail/inbox), the following error is thrown in the UI:

    • Error:

      1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 UTC Date: 2021-12-08T09:50:21.069Z BootResult: configuration Client Id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Session Id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX Client Version: 20211129004.15 err: Microsoft.Exchange.Clients.Owa2.Server.Core.OwaUserHasNoMailboxAndNoLicenseAssignedException esrc: StartupData et: ServerError estack: Error: 500 at i (https://outlook.office.com/mail/inbox/:363:209906) at https://outlook.office.com/mail/inbox/:363:147412 st: 500 ehk: X-OWA-Error efe: CY4PR16CA0042, AS8P250CA0011 ebe: CY4PR10MB1639 emsg: UserHasNoMailboxAndNoLicenseAssignedError

Cause

There is no license provided for the Microsoft account to access the mailbox that belongs to this account.

Solution

Reach out to your Microsoft Administration team to grant the account a license allowing to access the mailbox.

One way to grant a license to the account is to go to the Azure Admin portal, as explained in Assign or remove licenses in the Azure Active Directory portal. Basically, what your admin user can do is:

  • Log into https://portal.azure.com/ as an Admin user

  • Go to Users and click on the account that needs a license

  • After that, click on Licenses > Assignments.

Updated on March 10, 2025
Platform
Data Center only
Products
Jira Software Data Center
Jira Service Management Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community