401 error while authenticating Registered Apps with MSIdentityPlatform

Naga Suresh Kumar Chinni 1 Reputation point

I've been getting 401 error when trying to authenticate my registered application in Azure AD from azuredevops pipeline using terraform. I've used the same ClienID/Secret key which I've generated a few seconds ago.

Could anyone able to help here? Error message.
Error: getting authenticated object ID: Error listing Service Principals: autorest.DetailedError{Original:adal.tokenRefreshError{message:"adal: Refresh request failed. Status Code = '401'.
Response body: {\"error\":\"invalid_client\",\"error_description\":\"AADSTS7000215: Invalid client secret is provided.\r\nTrace ID: d27286a5-767c-4573-9e29-dca0ac0f6c00\r\nCorrelation ID: a9d16e72-ff24-4dcc-8b1e-6b3f4f86c401\r\nTimestamp: 2021-08-16 07:31:57Z\",\"error_codes\":[7000215],\"timestamp\":\"2021-08-16 07:31:57Z\",\"trace_id\":\"d27286a5-767c-4573-9e29-dca0ac0f6c00\",\"correlation_id\":\"a9d16e72-ff24-4dcc-8b1e-6b3f4f86c401\",\"error_uri\":\"https://login.microsoftonline.com/error?code=7000215\"} Endpoint https://login.microsoftonline.com/xxxxxxxxxx-bf16-4119-8725-xxxxxxxxxx/oauth2/token?api-version=1.0", resp:(*http.Response)(0xc00079d0e0)}, PackageType:"azure.BearerAuthorizer", Method:"WithAuthorization", StatusCode:401, Message:"Failed to refresh the Token for request to https://graph.windows.net/xxxxxxxx-bf16-4119-8725-xxxxxxx/servicePrincipals?%24filter=appId+eq+%27xxxxxxxx-e94e-499c-9c74-xxxxxx%27&api-version=1.6", ServiceError:[]uint8(nil), Response:(*http.Response)(0xc00079d0e0)}

I'm using terraform v0.13 and ad version is v1.6.0, azuredevops version is v0.1.6

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,832 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Siva-kumar-selvaraj 15,561 Reputation points

    Hello @Naga Suresh Kumar Chinni ,

    Thanks for reaching out.

    From the error message it shows as "Invalid client secret is provided". Could you please make sure you are using right secret value by comparing with first few shown value also verify expiry date of secret that you are using from Azure AD app registration blade? or try creating new client secret and see if that works.


    Additionally, I would recommend you to verify if you are using recent update of terraform Azure providers to avoid some know issues.

    Hope this helps.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments