Acquire app-only access token failed error when trying to connect to SharePoint Online from an on-premises Databricks instance

Confirm network connectivity or if none, work with your internal networking team to ensure access to login.microsoftonline.com on port 443.

Written by monica.cao

Last published at: January 30th, 2025

Problem

When you attempt to connect to SharePoint Online from an on-premises Databricks instance to pull content hosted in SharePoint Online, you receive an Acquire app-only access token failed error. 

You’re using Azure AD credentials for authentication, and the connection succeeds from your local computer but fails when attempted from Databricks.

 

Cause

Your network is blocking outbound traffic to login.microsoftonline.com on port 443. This domain is essential for authenticating with Azure AD and acquiring an app-only access token, which is required for accessing SharePoint resources.

 

Solution

Confirm network connectivity using the following command to verify if the proxy allows traffic to login.microsoftonline.com on port 443. 

 

%sh
nc -zv -x xxxxx:443 login.microsoftonline.com 443

 

If you encounter a disconnection error, work with your network/firewall team to ensure that access to login.microsoftonline.com on port 443 is allowed from the on-premises Databricks environment.