invalid_client - Invalid client secret is provided

vault 11

Hello everyone,

I tried to contact MS support team and they just redirected me here and closed the ticket. I'm integrating MS Teams in our product. We have a verified OAuth app and during the authorize call, we are asking the following scopes to the user: OnlineMeetings.ReadWrite User.Read offline_access
A user is getting the following error when refreshing the token:

{
  "error": "invalid_client",
  "error_description": "AADSTS7000215: Invalid client secret is provided.\r\nTrace ID: 24627b8a-1740-41ba-a4bf-2f40e5573600\r\nCorrelation ID: ef95b9c5-e709-4449-9deb-0fedec9c0ca8\r\nTimestamp: 2021-03-22 10:02:38Z",
  "error_codes": [
    7000215
  ],
  "timestamp": "2021-03-22 10:02:38Z",
  "trace_id": "24627b8a-1740-41ba-a4bf-2f40e5573600",
  "correlation_id": "ef95b9c5-e709-4449-9deb-0fedec9c0ca8",
  "error_uri": "https://login.microsoftonline.com/error?code=7000215"
}

What does that mean and how do I remediate it? Is it a problem on MS side? Do I need to reauthenticate the user?
The client secret is stored in vault and working correctly for other users.

Diana Wanjuhi 1,376 Reputation points

2021-03-24T14:24:04.487+00:00

Hi @vault how is this user making the request and are you able to reproduce this in graph explorer? Perhaps you could check the encoding of the client_secret in the auth header for this user and confirm that the value is correct.