This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 15%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hello everyone, I developed a web application with Blazor server that uses Microsoft Identity Platform for user authentication. I created the project by following the step-by-step instructions in this article: https://learn.microsoft.com/it-it/entra/identity-platform/tutorial-blazor-server The project was created correctly, in Azure portal in the "Entra ID" service I find the application created and configured correctly with the same information/data reported in the Visual Studio 2022 project configuration file (appsettings.json). By choosing the "https" profile and running the exact same application on two different development machines, one works correctly in the other (the one from which I created the project) I continue to receive the following error: MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. Original exception: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app 'XXX'. Trace ID: YYY Correlation ID: ZZZ Timestamp: 2024-01-24 14:50:54Z I confirm that the key used ("ClientSecret") is correct and It is the same for both applications on the two development machines. Any ideas on this? Thank you Stefano
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
the error is pretty clear, the secret value is not valid for the specified clientid. how are you storing and retrieving the secret? the sample uses the default dev secrets storage and is not shared between machines.
Hi, thank you for your answer The secret value is stored and retrived from appsettings.json. I tried to regenerate the secret value but the error always occurred
Hi, thank you for your answer The secret value is stored and retrived from appsettings.json. I tried to regenerate the secret value but the error always occurred
but if you followed the tutorial, you encrypted the secret value in the appsettings.json. you need to re-encrypt on the target machine via the secrets manage tool. note: the values are stored in plain text in the secret store, so you can get the original secret value if you did not save.
@Bruce (SqlWork.com) oh right, I missed the point about being development only. @Stefano Milanesi , if the secret is encrypted in a machine it may not be of any usage in another since they may not share the same decryption keys. As Bruce suggests, you need to re-encrypt-it using the related tool.
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more
Hello @Stefano Milanesi , as suggested by @Bruce (SqlWork.com) , the AADSTS7000215 error is due to an invalid cliente secret. To ensure the right secret is used by your application, switch to App Service app settings. They are more secure and will override any file based setting. For how to, take a look at Configure app settings.
Also, considering not storing secrets, specially production grade, in the file system or in clear form since its not secure.
Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.