none
Workflow Manager : Failed to query the OAuth S2S metadata endpoint RRS feed

  • Question

  • Hello, 

    Just build anew environment , install workflow manager and all went well, when running the

    "Register-SPWorkflowService -SPSite "https://Site" -WorkflowHostUri "https://WFServer:12290" I am getting well known error message mentioned at the end below . Tried most of the solutions online but nothing is working so far.

    Also noticed when access "https://WFServer:12290" from the workflow server it gives me "The caller does not have the necessary permissions required for this operation. Permissions granted: None. Required permissions: ReadScope." but if I open chrome as an administrator and access WorkflowHostUri, it works fine from workflow server. From the SharePoint server SPSite and WorkflowHostURI works as expected. 

    I followed this but no luck. https://docs.microsoft.com/en-us/previous-versions/dotnet/workflow-manager/jj193462(v=azure.10)?redirectedfrom=MSDN#Item4

    what could cause this behavior? 

    I know its 2 issues but kind of related, or may be one but any help on this will be appreciated- thanks. 

    PS Output : 

    Register-SPWorkflowService : Failed to query the OAuth S2S metadata endpoint at URI 
    'https://XXXXXXXX/_layouts/15/metadata/json/1'. Error details: 'An error occurred while sending the request.'. HTTP headers 
    received from the server - ActivityId: 1caca212-054e-4f26-a6ec-a9c46bbccbc1. NodeId: WFServer. Scope: /SharePoint. Client ActivityId : 
    230f1a9f-d57f-10ac-d0d1-16bd1f8800ff.
    At line:1 char:1

    From ULS : 

    Microsoft.Workflow.Client.InvalidRequestException: Failed to query the OAuth S2S metadata endpoint
     at URI 'https://XXXXXXXXXX/_layouts/15/metadata/json/1'. Error details: 'An error occurred while sending the request.'. HTTP headers received from the server - ActivityId: 8d8df74a-fcd2-4eaa-a8d2-946a69a29d10. NodeId: WFServer. Scope: /SharePoint. Client ActivityId : 4bd0199f-55f0-10ac-d0d1-1e38c27e83de. ---> System.Net.WebException: The remote server returned an error: (400) Bad Request.    
     at Microsoft.Workflow.Common.AsyncResult.End[TAsyncResult](IAsyncResult result)    
     at Microsoft.Workflow.Client.HttpGetResponseAsyncResult`1.End(IAsyncResult result)    
     at Microsoft.Workflow.Client.ClientHelpers.SendRequest[T](HttpWebRequest request, T content)     -
     -- End of inner exception stack trace ---    

    Thursday, November 21, 2019 4:25 PM

All replies

  • Workflow admins are as below : 

    $Sec=Get-WFScope -ScopeUri https://WFServer:12290/
    $sec.SecurityConfigurations


    WorkflowAdminGroupName Name
    ---------------------- ----
    BUILTIN\Administrators Microsoft.Workflow.Management.Security.WindowsSecurityConfiguration
    Users                  All Users

    When access the WFHostURI in browser i.e is running as administrator : 

    -<ScopeInfo xmlns="http://schemas.microsoft.com/workflow/2012/xaml/activities" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
    <DefaultWorkflowConfiguration/>
    <Description>Root Scope</Description>
    <LastModified>2019-11-20T21:40:24.06</LastModified>
    <LastRevised>2019-11-20T18:49:36.567</LastRevised>
    <Path>/</Path>
    -<SecurityConfigurations>
    -<ScopedSecurityConfiguration i:type="WindowsSecurityConfiguration">
    <Name>Microsoft.Workflow.Management.Security.WindowsSecurityConfiguration</Name>
    <WorkflowAdminGroupName>BUILTIN\Administrators</WorkflowAdminGroupName>
    </ScopedSecurityConfiguration>
    -<ScopedSecurityConfiguration i:type="WindowsSecurityConfiguration">
    <Name>All Users</Name>
    <WorkflowAdminGroupName>Users</WorkflowAdminGroupName>
    </ScopedSecurityConfiguration>
    </SecurityConfigurations>
    <Status>Active</Status>
    </ScopeInfo>

    • Edited by UmrG Thursday, November 21, 2019 5:00 PM updated
    Thursday, November 21, 2019 4:32 PM
  • In case some one is struggling with this , after searching for 2 days came accross link below,  after implementing the change mentioned I was able to run "Register-SPWorkflowService" successfully. Credit goes to @Trevor : https://thesharepointfarm.com/2016/04/tls-1-2-support-workflow-manager-office-online-server/

    I still can not open WorkflowHostUri in browser unless I am running browser as an administrator but will have to come back to this. 

    Thursday, November 21, 2019 10:37 PM