Authentication Error When Configuring Microsoft Outlook Extension

Issue

I am encountering an authentication error when configuring Microsoft Outlook Extension. I encounter this error even after correctly entering my credentials.

Environment

  • Autotask

Cause

The most likely cause for this behavior is because the wrong Address is listed on the login tab of the Outlook Extension Options. When the tab opens, by default the URL is www.autotask.net, and not the user's zone-specific URL. The image below is intended to help better illustrate the issue:

2FA_Outlook.png

Resolution

Enter the address of the specific Autotask instance. For example, ww3.autotask.net. Be sure to specify the correct Autotask zone, as indicated by the number following ww.

Using the Outlook Extension with 2-Factor Authentication and/or Single Sign-On

NOTE  Ensure that the user has the most recent version of the Outlook Extension as older versions do not support MFA / SSO.

2-FACTOR AUTHENTICATION

2-Factor Authentication, the user must enter the correct username and password on the initial setup, at which point they will be prompted for a one time password. For future sessions in Outlook, they will only be prompted for their MFA token upon launching Outlook. By default, the authentication code is masked. To display the authentication code characters, click the show check box.

If the user does not enter the correct the URL to reflect their own zone-specific URL for Autotask and instead leaves the generic www.autotask.net, they will get an error message during authentication that states: The OTP token is invalid. Please enter a value and try again.

OTP_Token_Invalid.PNG

Note: This is expected behavior since the extension cannot properly exchange the MFA token back to the generic URL. It must be configured with the customer's zone-specific URL.

SINGLE SIGN-ON

If using Single Sign-On, the user must enter their correct username but can enter any value for the password field. The password is ignored when SSO is enabled and the window to authenticate through their Identity Provider will appear each time they open Outlook, similar to what occurs for MFA.

Note: Similar to MFA a user should ensure they have their zone-specific URL entered when configuring the extension. In addition, due to the way the pop-up window launches and the utilization to temporary cookies in that window for an SSO login flow, a user's browser settings for Internet Explorer must be configured exactly per our documentation. See Browser settings.

Additional Resources