Web App Bot's appid seems to be lost or deleted causing the bot to not start

Question

We are running into an issue with our Azure Web App Bot where it keeps giving following error when trying to boot.

A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details.  Original exception: AADSTS7000222: The provided client secret keys for app '95100867-313a-46aa-a475-aaa45fccc6d2' are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds. Trace ID: 96019a8d-4c51-4b98-99b1-157f483f2c00 Correlation ID: 4ff72318-db9b-4d67-ae27-df862b28e4b3 Timestamp: 2025-05-07 14:32:25Z 

Failed to acquire token for client credentials. (A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details.  Original exception: AADSTS7000222: The provided client secret keys for app '95100867-313a-46aa-a475-aaa45fccc6d2' are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds. Trace ID: 96019a8d-4c51-4b98-99b1-157f483f2c00 Correlation ID: 4ff72318-db9b-4d67-ae27-df862b28e4b3 Timestamp: 2025-05-07 14:32:25Z) A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details.  Original exception: AADSTS7000222: The provided client secret keys for app '95100867-313a-46aa-a475-aaa45fccc6d2' are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds. Trace ID: 96019a8d-4c51-4b98-99b1-157f483f2c00 Correlation ID: 4ff72318-db9b-4d67-ae27-df862b28e4b3 Timestamp: 2025-05-07 14:32:25Z 

When we try to go to Configuration and click "Manage Password" to update the password for the AppId in question, it keeps giving NOT FOUND error. We have tried finding the app through app registration but no luck. I am a global admin on the account but I am not the developer who created the bot. I am not sure if that could be preventing the app from showing it to me. I did login as the developer with their creds however, the behavior remained the same where we can not access the app that bot was registered with.

Any help in this matter will is appreciated. May be we just have to create the bot but want to make sure I ask around before pressing the switch on that.

Thanks in advance
AG

Answer 1

Hello Akash Gondalia,

Thank you for posting your question in the Microsoft Q&A forum. 

The error indicates that your bot’s authentication is failing because the client secret for the associated Azure AD app (ID: 95100867-313a-46aa-a475-aaa45fccc6d2) has expired. Since you cannot locate the app registration in the Azure portal even as a Global Admin, the app may have been deleted or is hidden due to tenant restrictions or ownership issues. 

First, verify if the app exists by running az ad app show --id 95100867-313a-46aa-a475-aaa45fccc6d2 in Azure CLI. If it’s missing, the bot’s service principal may still linger check Enterprise Applications with the same ID and reassign ownership if needed. If the app is truly gone, you must recreate the bot registration with a new App ID and update all configurations. 

To prevent future issues, switch to certificate-based authentication (recommended for production bots) or ensure secrets are rotated before expiry. If the app exists but remains inaccessible, Microsoft Support may assist in recovering it. 

 

If the above answer helped, please do not forget to "Accept Answer" as this may help other community members to refer the info if facing a similar issue. Your contribution to the Microsoft Q&A community is highly appreciated.