403 Internal Server Error

Problem description

Users may report that they are seeing a 403 Internal Server Error. This typically appears for customers using Microsoft 365 during either of the following operations:

1. When attempting to connect Evoko Home (v2.7.6) to Microsoft 365 for the first time.
2. When trying to re-authenticate an existing Evoko Home instance with Microsoft in the Global Settings after updating to v2.7.6.

Why does this happen?

In v2.7.6 of Evoko Home, the protocol for connection to Microsoft 365 changed to accommodate Role Base Application Control. This is commonly referred to as RBAC.  

• This 403 error indicates the App Registration associated with the Tenant ID and Application ID is reporting a mismatch of the permissions that are needed when running v2.7.6 as compared to a previous version of Evoko Home. 
• All versions of Evoko Home prior to v.2.7.6 required the App Registration in Entra to be slightly different and required protocols.

How do I fix this?

The following two-step process fixes both 403 error instance types:

1. Check your App Registration matches this guide here in Step 2A-3. Application Registration and API Permissions 
   • Note: Do not confuse the Secret Value with the Secret ID.  They are different.  The Secret Value is the critical setting for fixing the 403 error.
2. Complete the Power-shell commands from the prep guide here: Step 2A-4. Application Role-Based Access Control 

Once the tasks have been completed above you can then attempt to either pass the Evoko Home Wizard again or update the credentials in Evoko Home Global Settings.  If the above steps were completed correctly, you should get a message indicating successful credentials!

If you find yourself still having issues; please contact our support team for further help.