question

KumarRajeevCWF-4995 avatar image
0 Votes"
KumarRajeevCWF-4995 asked KumarRajeevCWF-4995 answered

invalid_grant", "error_description": "AADSTS50126: Error validating credentials due to invalid username or password.\r\nTrace

Hi @amanpreetsingh-msft ,@MarileeTurscak
I am calling Https://login.microsoftonline.com/<myTenantId>/oauth2/token url for refresh token . but i am getting below error

"error": "invalid_grant",
"error_description": "AADSTS50126: Error validating credentials due to invalid username or password.\r\nTrace ID: dbf5175a-6d99-49db-8dfb-c7be1f9a1700\r\nCorrelation ID: d279d8ec-577f-4a5c-b1b0-2a68d4e0e68b\r\nTimestamp: 2021-05-18 11:19:07Z",
"error_codes": [
50126
],
"timestamp": "2021-05-18 11:19:07Z",
"trace_id": "dbf5175a-6d99-49db-8dfb-c7be1f9a1700",
"correlation_id": "d279d8ec-577f-4a5c-b1b0-2a68d4e0e68b",
"error_uri": "https://login.microsoftonline.com/error?code=50126"
}
I have reseted the password also but did not work. i am trying to resolve this issue since last 2 month

Please help me on this

azure-active-directorymicrosoft-authenticatorazure-ad-graph
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered KumarRajeevCWF-4995 commented

Hi @KumarRajeevCWF-4995 · Thank you for reaching out.

By tracking the Correlation and Request ID, I found that the account you are using is a federated account, which requires redirection to ADFS for authentication. The ROPC (password) flow doesn't support this redirection and tries to authenticate the user directly in Azure AD. Hence, the error AADSTS50126: Error validating credentials due to invalid username or password. is thrown.

To resolve the issue, you can choose to go with one of the below options:

  1. Create a cloud only user account, reset the temporary password and use that account.

  2. If creating cloud-only user is not an option for you, follow the instructions I have provided in This Blog Post. If you choose to go with this option and don't want to sync password hash for all accounts, use Selective password hash synchronization


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you so much @amanpreetsingh-msft
for quick response
Let me follow the above steps and try to fix this issue.

Thanks ,
Rajeev kumar

0 Votes 0 ·
KumarRajeevCWF-4995 avatar image
0 Votes"
KumarRajeevCWF-4995 answered

Thank you so much @amanpreetsingh-msft

I am using a cloud only user account. Now I'm able to obtain an authorization token with this new cloud only service account

Thanks your quick help.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.