SSO authentication error after upgrading from older Devolutions Server version

On this page

The following error message appears when attempting to connect using SSO after a Devolutions Server update from an older version to a newer version.

{"errorMessage":"Unexpected exception. Please see server logs for details.","result":0}

Solution

To resolve the issue, open Devolutions Server Console and go to Server - Logs.

Server - Logs
Server - Logs

If the error found in the logs is the following:

OAuthTokenEndpointException - OAuth token endpoint error: {"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret provided.

Confirm that the secret sent in the request is the client secret value, not the client secret ID, for a secret added to the application.

When accessing the Entra ID Portal, having three registered apps (DVLS Web, DVLS Sync, RDM Sync) indicates the use of the old configuration method. Moving forward, only DVLS Web will be used. Access this app to create a new secret, copy the Secret Value, and set a reminder one month before its expiration using a preferred method.

Once completed, navigate to the Devolutions Server Web interface under Administration - Server Settings - Authentication - Microsoft Authentication. Disable Use specific client ID for users and user groups cache, paste the new Client Secret, and select the Save button in the top right corner.

Administration - Server Settings - Authentication - Microsoft Authentication
Administration - Server Settings - Authentication - Microsoft Authentication

Additionally, the ID Tokens must be unchecked in the Entra ID app registration for the Devolutions Server Web app.

ID Tokens must be unchecked
ID Tokens must be unchecked

 

Devolutions Forum logo Give us Feedback