Symptoms
You encounter one of the following errors when creating a new connection or running a UI flow:
-
UnreachableCrlEndpoint
-
InvalidConnectionCredentials
-
GatewayTimeout
If you're using an AAD account, please ensure your credentials are correct and that your account is synchronized to your machine by following the steps in the following article: https://support.microsoft.com/en-my/help/4555623/troubleshoot-ui-flow-invalid-credentials-error-using-aad-account. If you're still having issues, please read further.
Cause
This error can indicate that the product cannot reach the CRL Server, because either the Windows service UIFlowService or your user session is unable to reach one or more of the domains in the following documentation: https://learn.microsoft.com/en-us/power-automate/limits-and-config#ui-flows-required-services
Verifying issue
To validate whether you have access to the CRL endpoints from the user session, you can attempt to reach the URLs from the section entitled "UI flows required services" in the Power Automate documentation by typing them in the URL bar of a browser.
There is not currently a means to test if you have access to the CRL endpoints from the Windows service "UIFlowService", go directly to the Next section
Solving steps
You will need to ask your system administrator to make sure the endpoints are reachable from both the user session and the Windows service "UIFlowService" (running as the account NT SERVICE\UIFlowService).
To determine whether the Windows Firewall is responsible, ask your system administrator as well.
If the issue is caused by the Windows Firewall, you will need to follow the instructions from 'Create an Outbound Program or Service Rule', here: https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule
