Transaction Errors
When an appointment sync to Exchange fails, the connector classifies the failure into one of the shapes below and records it on the transaction row visible on the Errors page. The transaction Status is the primary signal; the message column carries the underlying exception text.
For Azure AD app-registration and consent walkthroughs, see Troubleshooting. This page covers the runtime classifications.
Codes coming
The Exchange connector does not yet emit stable DSEX codes in the transaction message. The prefix is reserved for a future release. For now, the Status column is the primary lookup key. Each section below also shows the underlying exception type for diagnostic searching.
Retried statuses are transient and self-heal on the next retry pass. Fix configuration statuses need the Exchange connector or Azure app to be changed first. Undiagnosed failure shapes should be sent to support so a rule can be added.
Each section pairs 💡 (what it means) with 🛠️ (what to do).
Quick lookup
| Status | Goes to | Exception | Retry |
|---|---|---|---|
InvalidBackOfficeSettings | Expired client secret | ExpiredExchangeClientSecretException | fix config |
InvalidBackOfficeSettings | Incomplete credentials | IncompleteExchangeCredentialsException | fix config |
Skipped | Credentials rejected after the call | ExchangeCredentialsException | fix config |
Skipped | Exchange integration disabled | ExchangeIntegrationEnabledException | fix config |
Skipped | Invalid user in the directory | ExchangeInvalidUserException | fix config |
EmptyBackOffice | No mapping entry | ExchangeItemMappingException | retried |
Failed | Access denied by the Azure AD app | ExchangeAccessDeniedException | fix config |
Failed | Microsoft Graph transient | ExchangeTransientException | retried |
Failed | Unexpected exception | any other | undiagnosed |
Expired client secret
⚙️
InvalidBackOfficeSettingsfix configuration💡
The client secret of the Exchange App Registration has expired. Microsoft Entra ID returns
AADSTS7000222 (or invalid_client) and the connector translates that into a typed failure carrying the offending Client ID.🛠️
- Open the Azure portal and navigate to the Exchange app registration.
- Under Certificates & secrets, generate a new client secret. Copy the secret value immediately - it is only shown once.
- Update the secret on the Exchange configuration page under the Microsoft Entra ID section.
warning
Client secrets expire after 6, 12, or 24 months. Set a reminder to rotate them before they expire.
Incomplete credentials
⚙️
InvalidBackOfficeSettingsfix configuration💡
One or more of the required values - Client ID, Client Secret, Tenant ID - is missing on the Exchange configuration. The connector refuses to call Graph without all three.
🛠️
Fill in every required field on the Exchange configuration page and save.
Credentials rejected after the call
⚙️
Skippedfix configuration💡
Graph accepted the request shape but rejected the token at call time. Usually a permission issue rather than a missing value - distinct from the configuration failures above, which fire before any call goes out.
🛠️
In the Azure AD app, confirm that the application permissions (
Calendars.ReadWrite, MailboxSettings.ReadWrite, User.Read.All) are present and that Grant admin consent has been clicked.Exchange integration disabled for the assigned resources
⚙️
Skippedfix configuration💡
None of the resources on the appointment have Exchange enabled, so there is no mailbox to write to. The message lists the affected resources (
Resource (No) pairs), or "No resources were assigned to this appointment" when the appointment has no assignments at all.🛠️
If the resource is meant to sync to Exchange, enable Exchange integration on the resource record. If not, the
Skipped status is correct and no action is needed.Invalid user in the directory
⚙️
Skippedfix configuration💡
The resource's e-mail address does not match any user in the Microsoft Entra ID directory of the connected tenant. Graph returns no match for that UPN.
🛠️
Verify that the resource's e-mail address corresponds to a real, licensed mailbox user in the tenant. Typos and disabled accounts are the usual causes.
No mapping entry
🔁
EmptyBackOfficeretried automatically💡
The connector tried to look up the Exchange event that previously corresponded to a Dime.Scheduler appointment and resource pair, and no mapping record was found. The originating Exchange event was already deleted, or the mapping table was reset without re-syncing.
🛠️
In most cases this self-heals on the next sync because the next event creation re-establishes the mapping. If the appointment keeps failing, force a full re-sync of that resource's calendar.
Access denied by the Azure AD app
⚙️
Failedfix configuration💡
The Azure AD app does not have sufficient permissions to write events to the target calendar. The connector records the underlying Graph message after the canned
"The Azure AD app does not have sufficient permissions to write events to the calendar." prefix.🛠️
- In the Azure portal, open the Exchange app registration and go to API permissions.
- Make sure
Calendars.ReadWriteis granted as an Application permission (not Delegated). - Click Grant admin consent for [Your Organization].
- Replay the failed transaction from the Errors page.
Microsoft Graph transient
🔁
Failedretried automatically💡
Graph or the transport layer returned a transient signal - HTTP 429, 503, 504, socket / DNS hiccups, or request timeouts. The message reads
Transient error from Microsoft Graph: <inner>. Will retry on the next sync attempt..🛠️
Nothing in the normal case. The transaction is left on
Failed so the retry job picks it up on the next pass. If the rate of transients spikes, check the Microsoft 365 service health dashboard and tenant-level Graph throttling.Unexpected exception
🚨
Failedundiagnosed💡
The exception did not match any of the typed shapes above. The connector still records it as
Failed so the retry job can replay it, but it also writes a full stack trace to the operational log so the maintainers can add a typed rule.🛠️
Send the transaction ID and full error message to Dime.Scheduler support. If the same shape recurs, a new typed classification will be added in a subsequent release.