Skip to main content
MS Teams backups are failing with Authentication error
Updated over 11 months ago

Problem description

MS Team's backup fails showing error “Authentication error. (#100000003) “

Cause

This issue occurs if there are no proper permissions assigned to the administrator account which was used to configure the Druva inSync M365 app.

Traceback


📝 Note
+snip+[2022-11-21 2355:50,824] [ERROR] Error <class 'common.errors.mst_error.MSTeamError'>:Authentication error. (#100000003). Traceback -Traceback (most recent call last):File "/opt/Druva/active/src/lib/mst_backup_client.py", line 360, in check_token_statusself.agent.authenticate()File "/opt/Druva/active/src/lib/mst_agent.py", line 155, in authenticateraise faultFile "/opt/Druva/active/src/lib/mst_agent.py", line 151, in authenticateself.get_team(self.teamid)File "/opt/Druva/active/src/lib/mst_agent.py", line 217, in get_teamreturn self.client.get_retry(url=request_url)File "/opt/Druva/active/src/common/utils/oauth_utils.py", line 470, in get_retryraise errorcommon.errors.mst_error.MSTeamError: Internal Error!! Response Code: 403 Text:{"error":{"code":"Forbidden","message":"Missing role permissions on the request. API requires one of 'Team.ReadBasic.All, TeamSettings.Read.All, TeamSettings.ReadWrite.All, Group.Read.All, Directory.Read.All, Group.ReadWrite.All, Directory.ReadWrite.All, TeamSettings.Read.Group, TeamSettings.Edit.Group, TeamSettings.ReadWrite.Group'. Roles on the request ''. Resource specific consent grants on the request ''.","innerError":{"date":"2022-11-21T23:55:50","request-id":"71429041-736d-4253-b6f9-b6fd320c3337","client-request-id":"71429041-736d-4253-b6f9-b6fd320c3337"}}} (#100000004)+snip+


Resolution

API requires one of below mentioned permissions for backing up Teams data.

Assign below permissions to the administrator account which was used to configure Druva inSync M365 application.

  • 'Team.ReadBasic.All

  • TeamSettings.Read.All

  • TeamSettings.ReadWrite.All

  • Group.Read.All, Directory.Read.All

  • Group.ReadWrite.All

  • Directory.ReadWrite.All

  • TeamSettings.Read.Group

  • TeamSettings.Edit.Group

  • TeamSettings.ReadWrite.Group'

OR

  • Reconfigure Druva inSync M365 app using Global admin account.

Verification

Backup will complete successfully.

See also

Did this answer your question?