AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided
Emily Wong
When I try to create an authentication header using the code below, I get an error saying "AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided." Now, I am sure that the secret which I used in the code does not match the one used in my AAD app registration. Can anybody help me with how to get the client secret from my app registrations, or how to add a new application identifier in my O365 account directory?
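```csharp
// Uses ADAL types: using Microsoft.IdentityModel.Clients.ActiveDirectory;
private string GetAuthenticationHeader(AuthenticationInformation authenticationInformation)
{
    try
    {
        return RetryHelper.InvokeWithRetries(() =>
        {
            // Client-credentials flow: the app authenticates with its client ID and secret.
            var clientCredential = new ClientCredential(authenticationInformation.ClientId, authenticationInformation.AppSecret);
            var ac = new AuthenticationContext(authenticationInformation.Authority);
            AuthenticationResult ar = ac.AcquireToken(authenticationInformation.Resource, clientCredential);
            return ar.CreateAuthorizationHeader();
        });
    }
    catch (Exception ex)
    {
        // On failure the exception message (e.g. the AADSTS error) is returned in place of a header.
        return ex.Message;
    }
}
```

2 Answers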
To add a secret key for your web application's credentials, click the "Keys" section from the Settings blade of your Azure AD App in Azure Portal:
- Add a description for your key and select either a 1 or 2 year duration (or never expires).
- The right-most column will contain the key value, after you save the configuration changes. Be sure to come back to this section and copy it after you hit save, so you will have it for use in your client application during authentication at run-time.
Please click here for more details about how to register and update your application with your Azure Active Directory tenant.
I was getting this error while trying to get the graph token via Fiddler. This was because my secret key had a few unnecessary characters like + and /.
The secret key must be encoded before making the request.
I replaced + by %2B and my Fiddler request in my secret key and it worked like a charm.
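
The encoding problem described in the answer above, as an added example that is not part of the original posts: it builds a client-credentials token request body by hand and with proper form encoding, then decodes each the way a standard `application/x-www-form-urlencoded` parser would. The client ID, secret and resource are constructed sample values, and Python's `parse_qs` stands in for the server-side parser (an assumption about how the body is decoded).

```python
from urllib.parse import urlencode, parse_qs

# Constructed sample values, not real credentials.
CLIENT_ID = "00000000-0000-0000-0000-000000000000"
CLIENT_SECRET = "aB3+xY/9kLm=Qr+7"        # contains +, / and =
RESOURCE = "https://resource.example"     # placeholder resource URI


def naive_body(client_id, secret, resource):
    """Body pasted into a raw HTTP tool with no encoding applied."""
    return (
        "grant_type=client_credentials"
        f"&client_id={client_id}"
        f"&client_secret={secret}"
        f"&resource={resource}"
    )


def encoded_body(client_id, secret, resource):
    """Body with every value percent-encoded (+ -> %2B, / -> %2F, = -> %3D)."""
    return urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": secret,
        "resource": resource,
    })


def secret_seen_by_server(body):
    """Decode the body as form data and return the client_secret value."""
    return parse_qs(body, keep_blank_values=True)["client_secret"][0]


if __name__ == "__main__":
    for label, build in (("naive", naive_body), ("encoded", encoded_body)):
        body = build(CLIENT_ID, CLIENT_SECRET, RESOURCE)
        seen = secret_seen_by_server(body)
        status = "matches" if seen == CLIENT_SECRET else "MISMATCH"
        print(f"{label:8} server sees {seen!r} -> {status}")
```

In the unencoded body each `+` is decoded as a space, so the secret that reaches the token endpoint differs from the registered one even though the value was copied correctly.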