Data 360: Error "Missing_OAuth_Token" when Connecting to Marketing Cloud

This error message relates to an issue with Data 360 authenticating with Marketing Cloud using the credentials of the Marketing Cloud integration user you have entered in Data 360 Setup.

Check the following details:

• Login IP Allowlist in Marketing Cloud
• Marketing Cloud Password Expiration
• Salesforce Core Services - IP Addresses and Domains to Allow

Login IP Allowlist in Marketing Cloud

The Login IP Allowlist functionality in Marketing Cloud restricts access to your Marketing Cloud to a defined set of IP address. The "Missing_OAuth_Token" error message can occur due to the API call being made from Data 360 to Marketing Cloud getting denied, due to the IP not being allowlisted. To resolve this, you will need to follow the steps below:

Within Data 360:

1. Login to your Data 360 Org
2. Data 360 Setup 
3. Under Salesforce Integrations, expand Marketing
4. Click on Marketing Cloud Engagement
5. Click "Manage" in the "Enter Credentials" section
6. Receive the "Missing_OAuth_Token" error. 
7. Note the time

then,

Within Marketing Cloud:

1. Login to Marketing Cloud
2. Setup
3. Settings
4. Security
5. Login IP Allowlist
6. View Access Log
7. Use the time above to locate the IP address that failed due to "IP Allowlist Access Denied"
8. Go back into the Login IP Allowlist main section and click "Create"
9. Add the denied IP to the trusted IP range
10. Save

Once the above steps are completed, follow the CDP steps above to connect and it should be successful.

Marketing Cloud Password Expiration

The "Missing_OAuth_Token" error can occur if the password of the Marketing Cloud user, whose credentials have been entered in Data 360 Setup > Configuration > Marketing Cloud, has expired due to the password policy configured in the Security Settings in Marketing Cloud.

To confirm if this is the root cause, attempt to log in to Marketing Cloud using the credentials of your integration user. If this is the root cause, you'll be asked to reset this user's password after logging into Marketing Cloud.

Complete the password reset and then review your Marketing Cloud configuration in Data 360 Setup. You may be required to re-complete the steps in the configuration wizard.

To prevent this issue from occurring, you can make your Marketing Cloud integration user an API User and configure the security setting Exclude API Users From Password Expiration to prevent this user's password from expiring.

See the Password Policies section of the Marketing Cloud Security Settings documentation for more information.

Marketing Cloud Business Units Access Loss

The "Missing_OAuth_Token" error can also occur if you have lost access to business units the connection previously had access to. If you do not want to re-introduce the Business Unit and would like to re-authenticate, you would need to delete the Data Streams and Activations targeting that Business Unit. Otherwise follow the below instructions on adding the Business Units back to the User.

1. Navigate to Setup in Marketing Cloud Engagement.
2. Click Users.
3. Select the user and click Manage Business Units to add a user to a business unit. 
4. Select a default business unit for the user. (Must be EID for DC Connection)
5. Assign the user to business units.
6. Save your changes.