AzureAppConfiguration.KeyVaultReferenceException: ClientSecretCredential authentication failed: A configuration issue is preventing authentication

Question

Good evening, I have a problem with an application created and published by another person. The application stopped working, no one realized that the secrets in the App Registrations were expired so I renewed them. Now if I try to start the application, I got this error message: Unhandled exception. Microsoft.Extensions.Configuration.AzureAppConfiguration.KeyVaultReferenceException: ClientSecretCredential authentication failed: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app 'xxxxxxxxxxxxxxxxxxxx'.

The application is linked to App configuration and App Configuration is linked to Key Vault. I suppose I have to update somewhere the value of the secrets renewed but I can’t find where!!!

It’s probably something absolutely silly but I’m starting now with Azure and I can’t solve the problem! Can anyone please give me a hint? Thanks!

Answer 1

Looks like your application cannot authenticate with your Key Vault. In your application code, as part of AddAzureAppConfiguration call, you should have a call of ConfigureKeyVault, which specifies how you want your application to authenticate with your Key Vault. I guess the token credential you used there became invalid due to the secret rotation.

You can find more information about how to grant your application to access your Key Vault from this link: https://learn.microsoft.com/en-us/azure/azure-app-configuration/use-key-vault-references-dotnet-core?tabs=core5x#grant-your-app-access-to-key-vault