Verify a sucessful OAuth configuration

Error ‘Failed to reach device’ displayed during authentication.

This error can be caused by any of the following:

1. The screen is not connected to the internet.
2. The authentication process was not completed within 15 minutes and the code expired.
3. The screen does not have the required minimum software version installed. Learn more about the technical requirements

A previously authenticated screen is showing as unauthenticated.

1. If the service account is unavailable for any reason, the Device Hub will show the screen as unauthenticated. When the issue with the service account has been resolved, authenticate the meeting room screen for OAuth. Learn how to authenticate a meeting room screen for OAuth

2. If the email address for the Exchange room is changed, the Device Hub will show the screen as unauthenticated.  Learn how to authenticate a meeting room screen for OAuth

Check OAuth is enabled for Exchange online

An Exchange admin can run the following Powershell commands to determine if OAuth is enabled:

Install-Module -Name ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName adminEmailId
Get-OrganizationConfig | Format-Table Name,OAuth* -Auto

If the result shows OAuth2ClientProfileEnabled = False, run the folowing:

Set-OrganizationConfig -OAuth2ClientProfileEnabled $true

Validate access to Exchange Web Services (EWS)

1. Open a private browser page (incognito or private mode, depending on browser) and go to https://outlook.office365.com/
2. Enter user credentials for the Exchange room when prompted.

If an unauthorized access error is displayed, or the username/password prompt reappears, either the credentials for the Exchange room are incorrect or the account does not have the required permissions.

Check the correct Exchange Web Services (EWS) URL is saved in Calendar Settings

The EWS URL is saved when enabling OAuth for the calendar service. Learn how to enable OAuth for the calendar service