SMTP and IMAP Email Account Test Connections Fail with OAuth AuthenticationIssue The SMTP and IMAP email accounts hosted on the Outlook server, utilizing OAuth authentication, have lost connection entirely.ReleaseALLCause 1.The problem arises when the refresh token is absent in the oauth_credential table (or) multiple access tokens exists in oauth_credential table for oauth profile. 2.This can occur due to configuration issues on the OAuth application registry side. 3.Upon examining the logs the below errors are observed: Resolution Navigate to the "oauth_credential.LIST" table and verify that the OAuth profile shows both access token and refresh token are not expired and are available.If access tokens are not being refreshed automatically, consult KB article : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1298181 for troubleshooting steps.Delete existing access tokens in the "oauth_credential" table for both OAuth profiles associated with email accounts.An OOB scheduled job will run to obtain new access tokens only if there is valid refresh token.Important note: Please note that the ServiceNow platform can fetch a new access token if the previous access token has expired and only if a valid refresh token is present in the oauth_credential table. Customers are not required to write this scheduled job to fetch the new access token.And, If the token provider can send a new refresh token during the access token retrieval, the platform has the capability to update the newly received refresh token in the oauth_credential table.Refer this KB for more information:https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0823628If the test connection fails despite successful token retrieval, proceed to the next steps.Enable debug properties for both IMAP and SMTP accounts and fetch logs for more information after doing test connection on email account. Set glide.rest.debug to true.Set glide.outbound_http.content.max_limit to 1000 (as type integer).Set glide.outbound_http_log.override to true.Set glide.outbound_http_log.override.level to all. After enabling debug properties, initiate a test connection on the email account and examine the outbound HTTP logs.Retrieve outbound transaction logs for further information.Create a new application registry and OAuth profile following the steps outlined in KB article :https://support.servicenow.com/kb?id=kb_aisearch&spa=1&query=KB0816072Remove the OAuth profile associated with the email account.Establish a new application registry with the correct client ID and client secret.Set the default grant type to "Authorization Code" instead of client credentials.Map the new OAuth profile with the IMAP accounts and conduct a successful test connection.Verify that emails begin flowing into the instance.Repeat the same process for the SMTP email account to ensure it works as expected.Related Links ->If encountering a configuration issue, it's advisable to establish a new OAuth application registry with the grant type set as Authorization Code, rather than using client credentials. This adjustment allows for the utilization of authentication credentials during the testing of email account connections, as opposed to simply displaying the message "OAuth token flow completed successfully." ->Associate the newly created OAuth profile, configured with the "Authorization Code" grant type, with the email account