We have a pipeline that deploys the files to a Azure Function App. The secret expired few weeks ago and then added a new secret and updated the pipeline with it but since then the pipeline is failing with the below error:
##[error]Error: Failed to get resource ID for resource type ‘Microsoft.Web/Sites’ and resource name ‘**‘. Error: Could not fetch access token for Azure. Status code: invalid_client, status message: Error(s): 7000215 – Timestamp: 2024-09-10 12:58:55Z – Description: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app ‘‘.
We renewed the secret but it’s not helping.
0
AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app ”.
I can reproduce the same issue when the client secret expired. If you manually create a new client secret on azure portal, it will not be used directly by service connection in Azure DevOps.
To solve this issue, you can refer to the following steps to refresh the client secret.
Automatically Type Service Principal ARM service connection
Step1: Navigate to Project Settings -> Service Connections and find the target service connection.
Step2: Edit the service connection and click the Save option
For example:
In this case, the client secret will be refreshed automatically and the service connection can work again.
If you are using Manually type Service Principal ARM service connection, you need to update the Service principal key field of the service connection.
For example:
On the other hand, you can also consider creating a new manually type Service Principal ARM service connection with the existing Service Principal and client secret.