Question

K2 Appit for SharePoint Activation failure - Authorization not successful

  • 17 October 2016
  • 1 reply
  • 1436 views

In this Scenario when you try and run the App Activation you get "Authorization not successful" message client side, on the K2 Server the error will state that the client Secret is invalid.


 


"Error","System","2025","InternalMarshalError","SourceCode.Hosting.Server.Runtime.HostServerBroker.InternalMarshal","2025 Error Marshalling SourceCode.Security.OAuth.OAuthManagement.DoOAuthTokenExchange, OAuth Error: Code=invalid_client : Description=AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.


Trace ID: 5829d874-24d1-4652-bcf1-38bc20a012bf


Correlation ID: ff3097a9-c2f6-491b-9f3b-ef6fca2d89eb"


 


Cause:


This happens when you register the App Principal / app permissions which allows you to generate a random client secret for that principal. 


We register our Client ID (ie, 10d4f504-a2e2-4336-82cd-2a44382e35c6) in the MS Seller Dashboard and is used by all customers.


 


How to remove this registered App Principal


 


Steps



  1. Capture the AppPrincipalID before you delete itfrom Site Collection App Permissions – you need it in later steps

  2. Delete the AppPrincipal from the app Catalog UI at Site Settings > Site Collection App Permissions

  3. Delete the app from Site Contents in the App Catalog; empty Recycle Bin

  4. Install and launch Windows Azure Active Directory Module for PowerShell  https://technet.microsoft.com/en-us/library/dn568015.aspx

    1. PS C:Windowssystem32> Connect-MsolService

    2. User@domain.comand password

    3. PS C:Windowssystem32> Connect-MsolService

    4. PS C:Windowssystem32> Get-MsolServicePrincipal –AppPrincipalID 10d4f504-a2e2-4336-82cd-2a44382e35c6

      1. Returns details for that ID



    5. PS C:Windowssystem32> Remove-MsolServicePrincipal –AppPrincipalId 10d4f504-a2e2-4336-82cd-2a44382e35c6

      1. Removes the ID



    6. PS C:Windowssystem32> Get-MsolServicePrincipal –AppPrincipalID 10d4f504-a2e2-4336-82cd-2a44382e35c6

      1. Confirms ID no longer exists






You can look for currently registered App Principals at


 


https://yourtenant/_layouts/15/appprincipals.aspx


 


References


http://blah.winsmarts.com/2014-5-Removing_AppPrincipals_from_Office365.aspx


 


1 reply

Userlevel 3
Badge +8

Thank you Vernon!

Reply