none
[invalid_client] AADSTS700027: Client assertion contains an invalid signature. Reason - The key was not found RRS feed

  • Question

  • I am trying to run https://www.domain.com/_layouts/15/appregnew.aspx on my SharePoint 2013 app server and I am receiving this error:

    Microsoft.SharePoint.IdentityModel.OAuth2.SPOAuth2Client.GetResponse(Uri stsUrl, OAuth2AccessTokenRequest message) +1907 Microsoft.SharePoint.IdentityModel.OAuth2.SPOAuth2Client.RequestOAuthToken(Uri stsUrl, OAuth2AccessTokenRequest request) +144 Microsoft.SharePoint.IdentityModel.OAuth2.SPOAuth2SecurityTokenManager.RequestRawOAuthToken(SPSecurityTokenServiceConnectionInformation stsInfo, OAuth2EndpointIdentity endpointIdentity) +106 Microsoft.SharePoint.IdentityModel.OAuth2.SPOAuth2SecurityTokenManager.GetRawBearerToken(String nameIdentifier, SPSecurityTokenServiceConnectionInformation stsInfo, OAuth2EndpointIdentity endpointIdentity, SPOAuth2SecurityTokenType tokenType) +449 Microsoft.SharePoint.IdentityModel.OAuth2.SPOAuth2SecurityTokenManager.IssueBearerTokenString(SPServiceContext serviceContext, SPSecurityTokenServiceConnectionInformation stsInfo, OAuth2EndpointIdentity endpointIdentity, SPOAuth2SecurityTokenType tokenType, IEnumerable`1 claims) +1454 Microsoft.SharePoint.IdentityModel.OAuth2.SPOAuth2BearerCredentials.GetBearerToken(HttpAuthenticationChallenge[] challenges, WebRequest webRequest) +458 Microsoft.SharePoint.IdentityModel.OAuth2.OAuth2BearerCredentials.Authenticate(HttpAuthenticationChallenge[] challenges, WebRequest webRequest) +30 Microsoft.SharePoint.IdentityModel.OAuth2.OAuth2BearerAuthenticationModule.InternalAuthenticate(String challenge, WebRequest request, OAuth2BearerCredentials oauthCredentials) +484 Microsoft.SharePoint.IdentityModel.OAuth2.OAuth2BearerAuthenticationModule.Authenticate(String challenge, WebRequest request, ICredentials credentials) +190 System.Net.AuthenticationManagerDefault.Authenticate(String challenge, WebRequest request, ICredentials credentials) +339 System.Net.AuthenticationState.AttemptAuthenticate(HttpWebRequest httpWebRequest, ICredentials authInfo) +500

    I replaced the "High Trust Cert" as the SPTrustedSecurityTokenIssuer and SPTrustedRootAuthority but, this error just started popping up when I try to register a test app.

    If your previous apps' secret expires will it cause this? Also, how can we update our secrets without using MsolService, which is deprecated and no longer working?


    Matthew Barrett Concept Interactive Inc.

    Tuesday, July 9, 2019 6:53 PM