Overview
M-Files administrator may get the following error when trying to export new users from Entra ID (formerly Azure AD) in M-Files Admin tool (e.g. from Users - Import Individual Users…) when Azure AD Synchronization Plugin is in use:
PropertyPageImportUsers.cpp, 207, AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<application_id>'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2023-05-09 14:57:35Z (0x80131500)
PropertyPageImportUsers.cpp, 1137, AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<application_id>'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2023-05-09 14:57:35Z (0x80131500)
RPCMethodCallWithRetry.h, 178, AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<application_id>'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2023-05-09 14:57:35Z (0x80131500)
RPCMethodCallWithRetry.h, 178, AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<application_id>'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2023-05-09 14:57:35Z (0x80131500)
RPCLoginsAdmin.cpp, 1725, AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<application_id>'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2023-05-09 14:57:35Z (0x80131500)
RPCLoginsAdmin.cpp, 734, AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<application_id>'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2023-05-09 14:57:35Z (0x80131500)
RPCLoginsHelper.cpp, 3221, AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<application_id>'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2023-05-09 14:57:35Z (0x80131500)
RPCSynchronizationHelper.cpp, 710, AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<application_id>'.
Trace ID: <trace_id>
Correlation ID: <correlation_id>
Timestamp: 2023-05-09 14:57:35Z (0x80131500)
(M-Files 23.4.12528.8 2023-05-09T14:57:35.274Z)
Solution
This error is given by Entra ID because the client secret value defined in Entra ID has expired, which prevents synchronization.
A new client secret needs to be set for the application in Entra ID and copied to Azure Active Directory Synchronization plugin configuration.
Azure AD Synchronization Plugin configuration could exists in Advanced vault settings in M-Files Admin (User Groups - User Group Synchronization Plugins - Azure AD Configuration - Client Secret) or in M-Files server computer registry (earlier way) as mentioned in this document, section 10.1.
Note: Microsoft Azure Active Directory (Azure AD) name changed to Microsoft Entra ID on October 1st, 2023, as mentioned in this article.
