Overview
If you are using an M-Files Cloud vault with M-Files Login Service for OAuth (Configuring Vault Authentication with M-Files Login Service.pdf), you may see the following generic error when trying to log in to the vault.
This article applies when the vault DNS name in the configuration contains uppercase letters.
Details
The backend verifies the Audience and Scope values, and the check is case-sensitive.
Vault DNS names are usually lowercase, so a configuration that uses uppercase letters fails validation, and the error you get does not give much detail (security errors generally must not provide much detail).
Double-check your configuration.
Example of a configuration that is likely to have issues:
{
  "scopes": [
    {
      "tmpScopeName": "*:Windows",
      "configurations": [
        {
          "name": "MFLoginService.Default",
          "tmpProtocol": "oauth",
          "assembly": "MFiles.AuthenticationProviders.OAuth",
          "oauthSettings": {
            "server": {
              "AccountClaim": "accountname",
              "AuthConfClaim": "authconf",
              "SubscriptionClaim": "subscriptionid",
              "Audience": "mfiles://My-Vault.cloudvault.m-files.com",
              "IdentityProviderMetadata": "https://login.m-files.com/.well-known/openid-configuration",
              "ForceDownLevelAccountName": "false",
              "AccessTokenType": "JWT",
              "PreserveClientSpecificSetting_Scope": "true"
            },
            "client": {
              "Protocol": "OAuth 2.0",
              "RedirectUri": "http://localhost/signin-oidc",
              "ClientID": "mfclient,0F490484-7E20-496B-B85D-C3D030487D67",
              "RedirectUriForWeb": "https://My-Vault.cloudvault.m-files.com/authentication/MFLoginService.Default/read",
              "Scope": "openid mfiles://My-Vault.cloudvault.m-files.com offline_access",
              "UseIdTokenAsAccessToken": "false",
              "UseAccessTokenInWeb": "true"
            }
          }
        }
      ],
      "defaultConfiguration": "MFLoginService.Default"
    }
  ]
}
Solution
Change the uppercase letters in the vault DNS name to lowercase letters, for example:
{
  "scopes": [
    {
      "tmpScopeName": "*:Windows",
      "configurations": [
        {
          "name": "MFLoginService.Default",
          "tmpProtocol": "oauth",
          "assembly": "MFiles.AuthenticationProviders.OAuth",
          "oauthSettings": {
            "server": {
              "AccountClaim": "accountname",
              "AuthConfClaim": "authconf",
              "SubscriptionClaim": "subscriptionid",
              "Audience": "mfiles://my-vault.cloudvault.m-files.com",
              "IdentityProviderMetadata": "https://login.m-files.com/.well-known/openid-configuration",
              "ForceDownLevelAccountName": "false",
              "AccessTokenType": "JWT",
              "PreserveClientSpecificSetting_Scope": "true"
            },
            "client": {
              "Protocol": "OAuth 2.0",
              "RedirectUri": "http://localhost/signin-oidc",
              "ClientID": "mfclient,0F490484-7E20-496B-B85D-C3D030487D67",
              "RedirectUriForWeb": "https://my-vault.cloudvault.m-files.com/authentication/MFLoginService.Default/read",
              "Scope": "openid mfiles://my-vault.cloudvault.m-files.com offline_access",
              "UseIdTokenAsAccessToken": "false",
              "UseAccessTokenInWeb": "true"
            }
          }
        }
      ],
      "defaultConfiguration": "MFLoginService.Default"
    }
  ]
}
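As an added example (not part of the original article and not M-Files tooling), the following Python check flags uppercase letters in the host part of Audience, Scope and RedirectUriForWeb, the three values that the corrected configuration above lowercases. The function names and the trimmed sample configuration are constructed for illustration; only the host is compared, so the ClientID and the MFLoginService.Default path segment are not flagged.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: a trimmed copy of the problematic configuration's structure.
SAMPLE = json.loads("""
{
  "scopes": [{
    "tmpScopeName": "*:Windows",
    "configurations": [{
      "name": "MFLoginService.Default",
      "oauthSettings": {
        "server": {"Audience": "mfiles://My-Vault.cloudvault.m-files.com"},
        "client": {
          "ClientID": "mfclient,0F490484-7E20-496B-B85D-C3D030487D67",
          "RedirectUriForWeb": "https://My-Vault.cloudvault.m-files.com/authentication/MFLoginService.Default/read",
          "Scope": "openid mfiles://My-Vault.cloudvault.m-files.com offline_access"
        }
      }
    }]
  }]
}
""")

def _bad_hosts(value):
    """Yield hosts containing uppercase letters from a space-separated value."""
    for token in value.split():
        host = urlsplit(token).netloc  # netloc keeps original case (hostname would lowercase it)
        if host and host != host.lower():
            yield host

def find_uppercase_hosts(config):
    """Return (configuration name, field, host) for every host with uppercase letters."""
    findings = []
    for scope in config.get("scopes", []):
        for conf in scope.get("configurations", []):
            oauth = conf.get("oauthSettings", {})
            server, client = oauth.get("server", {}), oauth.get("client", {})
            fields = {
                "server.Audience": server.get("Audience", ""),
                "client.Scope": client.get("Scope", ""),
                "client.RedirectUriForWeb": client.get("RedirectUriForWeb", ""),
            }
            for field, value in fields.items():
                findings += [(conf.get("name"), field, h) for h in _bad_hosts(value)]
    return findings

if __name__ == "__main__":
    for name, field, host in find_uppercase_hosts(SAMPLE):
        print(f"{name}: {field} host '{host}' should be '{host.lower()}'")
```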
