Solved

K2 App Activation failure with Invalid client secret

  • 15 December 2016
  • 1 reply
  • 2198 views

Problem with activation of K2 for SharePoint Online site collection. Error: Authorization not successful  

 

Error log:

Timestamp: 2016-12-14 06:57:24Z : ResourceID=3ef05b46-fe2a-4d2e-8923-f81daedad301 : PrimaryCredentialID=44886b65-d674-4ab4-bbfd-61d2ec34fd16 : ResourceAudience=00000003-0000-0ff1-ce00-000000000000/testapp.com@48ab3233-b5c1-41f2-a8c7-05922660e3f4","","","srv-k2:C:Program Files (x86)K2 blackpearlHost ServerBin","27960009","e9918452709d4531b4f7a59991215ade",""

"27960010","2016-12-14 08:57:23","Error","Communication","8130","ConnectionPacketError","SourceCode.SocketService.Legacy::HandlePacket","8130 Error processing message from 192.168.1.152:54036: OAuth Error: Code=invalid_client : Description=AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.

 

We have 2 separate environments (SharePoint online app + integration with K2 4.7) and prev activated k2 apps. App Activation stoped working on both.

 

We have just set up new tenant and tried install app on the clean environment with same result: Authorization not successful.

 

Case similar to described in K2 Appit for SharePoint Activation failure - Authorization not successful

But it looks like MS published new app with same problem, because activation is not working on environment with standard applications.

 

UPD: All tenants started working except one.

For this tenant application was removed with Remove-MsolServicePrincipal –AppPrincipalId 3308eaff-d056-4a32-9b1d-563f81bf06f9

After that we have error on installation:

Error when try to get access token when deploy AppInstanceId b1c65984-f968-4b30-9220-5b5692c8616a with AppPrincipalId i:0i.t|ms.sp.ext|3308eaff-d056-4a32-9b1d-563f81bf06f9@48ab3233-b5c1-41f2-a8c7-05922660e3f4. Exception=System.InvalidOperationException: An unexpected error was returned from the delegation service.  Error Code: 'invalid_resource' Error Description: 'AADSTS50001: The application named {}.com was not found in the tenant named 48ab3233-b5c1-41f2-a8c7-05922660e3f4.  This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant.  You might have sent your authentication request to the wrong tenant.  Trace ID: 7e92ba88-a4b2-4632-ba6d-942a928566cf  Correlation ID: 43feb33e-1d33-497f-8cb4-9c2c2fcaea8f  Timestamp: 2016-12-21 08:42:56Z'   

 

 

If we create princilaps with _layouts/15/appregnew/aspx installation completed successfully but we get error later with invalid secret

 

 

 


icon

Best answer by Nicolaas 26 February 2018, 15:27

This issue was resolved with a support ticket:


 


Summary:


The 'Invalid client secret' issue is know to us.
The K2 Blackpearl for SharePoint app’s client secret expired, which meant that new tokens could not be retrieved. A new secret has subsequently been generated and updated on trust.


The processes and procedures to update these client secrets will be reviewed and updated to avoid this situation in the future.


AAD Secrets last 2 years and SP secretes 3 years


 


"1. We had errors for all our environments 3 weeks ago. Error had gone for 2 env without any interaction and left for third where we deleted application manually with powershell.
2. MS had made some issues with our third env(1 week ago). We don't know what exactly but i think it was script not available for participial customers. I've requested additional information.
3. We'd got new error on the first step of installation process and sent correlation id back to MS(1 week ago).
4. Today we had continued our issues. We had found K2 for Office 365 app in azure before installation attempt and deleted manually from azure. And it started working."

View original

1 reply

This issue was resolved with a support ticket:


 


Summary:


The 'Invalid client secret' issue is know to us.
The K2 Blackpearl for SharePoint app’s client secret expired, which meant that new tokens could not be retrieved. A new secret has subsequently been generated and updated on trust.


The processes and procedures to update these client secrets will be reviewed and updated to avoid this situation in the future.


AAD Secrets last 2 years and SP secretes 3 years


 


"1. We had errors for all our environments 3 weeks ago. Error had gone for 2 env without any interaction and left for third where we deleted application manually with powershell.
2. MS had made some issues with our third env(1 week ago). We don't know what exactly but i think it was script not available for participial customers. I've requested additional information.
3. We'd got new error on the first step of installation process and sent correlation id back to MS(1 week ago).
4. Today we had continued our issues. We had found K2 for Office 365 app in azure before installation attempt and deleted manually from azure. And it started working."

Reply