Hi Supriya K,
I understand that you are receiving the "AADSTS7000222" error even though your client secrets are active and not expired.
I have seen this behavior a few times before when there were issues with the app registration. If the service principal is not updated with the correct URLs or if the URLs have spaces or additional slashes, this error can get thrown. If this is the case, I would recommend first checking the attributes in the app registration for anything out of the ordinary, and if this does not work, re-registering the application. If that does not work, it would help if you captured a Fiddler trace with an incognito session.
A recent customer described the same behavior you are describing, and the customer had to resolve the issue by creating a new service principal and client secret key.
I would also check the settings in the app registration under Advanced settings > Default client type > Treat application as a public client and verify if you have set this to "No" or changed the settings. If you have changed these settings, that may cause the issue. It is not recommended to Enable/Disable "Allow public clients" flows. If you toggle the setting back you might see different results but may still need to recreate the app registration. https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-faq
If none of these suggestions work, feel free to reach out to me at AzCommunity@microsoft.com ("Attn: Marilee Turscak") and include your Subscription ID and I can help troubleshoot or get a support case opened.
If the information helped you, please Accept the answer. This will help us as well as others in the community who might be researching similar information.
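
The attribute check suggested in the answer above, as an added example that is not part of the original answer or of Microsoft's tooling: it scans an app registration exported as a Microsoft Graph application object for URLs containing whitespace or doubled slashes and reports whether public client flows are enabled. The sample JSON is constructed, and treating `isFallbackPublicClient` as the property behind the portal's public client toggle is an assumption.

```python
import json
from urllib.parse import urlsplit

# Constructed sample in the shape of a Microsoft Graph application object
# (for example, saved JSON from `az ad app show`); every value is made up.
SAMPLE_APP = json.loads("""{
  "displayName": "contoso-api-client",
  "isFallbackPublicClient": true,
  "identifierUris": ["api://contoso-api-client"],
  "web": {
    "homePageUrl": "https://app.contoso.example//home",
    "redirectUris": ["https://app.contoso.example/signin-oidc ",
                     "https://app.contoso.example/callback"]
  },
  "publicClient": {"redirectUris": []}
}""")

def url_problems(url):
    """Return the irregularities the answer mentions: spaces and extra slashes."""
    problems = []
    if any(c.isspace() for c in url):
        problems.append("contains whitespace")
    if "//" in urlsplit(url.strip()).path:
        problems.append("doubled slash in path")
    return problems

def audit_app(app):
    """Collect (field, value, problem) findings for one app registration."""
    urls = [("identifierUris", u) for u in app.get("identifierUris") or []]
    for section in ("web", "spa", "publicClient"):
        block = app.get(section) or {}
        urls += [(f"{section}.redirectUris", u) for u in block.get("redirectUris") or []]
        for key in ("homePageUrl", "logoutUrl"):
            if block.get(key):
                urls.append((f"{section}.{key}", block[key]))
    findings = [(f, u, p) for f, u in urls for p in url_problems(u)]
    # Assumption: this Graph property backs the portal's public client toggle.
    if app.get("isFallbackPublicClient"):
        findings.append(("isFallbackPublicClient", "true", "public client flows enabled"))
    return findings

if __name__ == "__main__":
    for field, value, problem in audit_app(SAMPLE_APP):
        print(f"{field}: {value!r} -> {problem}")
```
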