Reputation: 51
AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided
When I am trying to create an authentication header using the below code. I am getting an error saying "AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided." Now, I am sure, that the secret which I used in the code is not matching with the one used in my AAD app registration. Can anybody help me on how to get the client secret, from my app registrations or how to add a new application identifier in my O365 account directory.
private string GetAuthenticationHeader(AuthenticationInformation authenticationInformation){
try{
return RetryHelper.InvokeWithRetries(() =>
{
var clientCredential = new ClientCredential(authenticationInformation.ClientId, authenticationInformation.AppSecret);
var ac = new AuthenticationContext(authenticationInformation.Authority);
AuthenticationResult ar = ac.AcquireToken(authenticationInformation.Resource, clientCredential);
return ar.CreateAuthorizationHeader();
});
}
catch (Exception ex){
return ex.Message;
}
}
Upvotes: 5
Views: 11156
Answers (2)
Reputation: 5534
I was getting this error while trying to get the graph token via fiddler. this was because my secret key had few unnecessary characters like + and /.
secret key must be encoded before making request.
I replaced + by %2B and my fiddler request in my secret key and it worked like a charm.
Invalid client secret error on Azure App Service
Upvotes: 0
Reputation: 27588
To add a secret key for your web application's credentials, click the "Keys" section from the Settings blade of your Azure AD App in Azure Portal :
- Add a description for your key and select either a 1 or 2 or year duration(or never expires).
- The right-most column will contain the key value, after you save the configuration changes. Be sure to come back to this section and copy it after you hit save, so you will have it for use in your client application during authentication at run-time.
Please click here for more details about how to register and update your application with your Azure Active Directory tenant .
Upvotes: 5
Related Questions
- AADSTS50146 error when attempting to retrieve Oauth access_token
- Error AADSTS65001 while getting access token
- Azure to Auth0 connection - Invalid client secret is provided
- How to solve AADSTS700016 error on login with Microsoft account?
- AADSTS90019: No tenant-identifying information found in either the request or implied by any provided credentials
- How do I resolve the error AADSTS7000218: The request body must contain the following parameter: 'client_secret' or 'client_assertion'
- Azure AADSTS900144: The request body must contain the following parameter: 'client_id'
- AADSTS700016: Failed to obtain access token when authenticating to Azure with MSAL
- oAuth with Azure Active Directory fails due to [AADSTS50012: Invalid client secret is provided]
- AADSTS70002: Error validating credentials in my Azure AD App