AngellusMortis / django_microsoft_auth

Simple app to enable Microsoft Account, Office 365 and Xbox Live authentication as a Django authentication backend.
MIT License
137 stars 84 forks

AADSTS54005: OAuth2 Authorization code was already redeemed #511

Open soasuk opened 8 months ago

soasuk commented 8 months ago

OS: Ubuntu 18.04.4
django_microsoft_auth 3.0.1
Django 3.2.12
Python 3.8.16
MICROSOFT_AUTH_LOGIN_TYPE = 'ma'

Some users are unable to login and the following error is given:

Exception Type: InvalidGrantError at /microsoft/from-auth-redirect/
Exception Value: (invalid_grant) AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.

This is on a production environment, running on Apache, behind Haproxy locally and F5 appliance SSL termination with load balancing between 2 webservers. The auth backend is subclassed to force HTTPS and do custom name and group handling.

Most users are able to repeatedly login fine; however, the affected ones cannot login at all. They are able to login to other o365 secured resources. The users have tried using Edge & Chrome to login and tried incognito mode to ensure a new code.

Any ideas?
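The error text itself states the rule at play: an OAuth2 authorization code can be exchanged for tokens exactly once, and any second exchange of the same code is rejected as `invalid_grant`. The following Python simulation is an added illustration written for this page; it is not code from django_microsoft_auth or from Microsoft, and the names `TokenEndpoint`, `CallbackHandler`, the `seen` store and the sample `state` values are assumptions made for the example. It shows the single-use rule, how a redirect callback that is processed twice by two handlers with no shared state produces exactly this second-attempt failure, and an idempotency guard keyed on the `state`/`code` pair that returns the stored first result instead of redeeming the code again.

```python
"""Added illustration of the single-use rule behind an OAuth2
"authorization code was already redeemed" error.

Self-contained simulation; not code from django_microsoft_auth or Microsoft.
TokenEndpoint, CallbackHandler and the sample state values are assumptions.
"""
import secrets
from dataclasses import dataclass, field


@dataclass
class TokenEndpoint:
    """Stand-in for an OAuth2 token endpoint: each authorization code may be
    exchanged exactly once; a repeat exchange is answered with invalid_grant."""
    issued: set = field(default_factory=set)
    redeemed: set = field(default_factory=set)

    def issue_code(self) -> str:
        code = secrets.token_urlsafe(16)
        self.issued.add(code)
        return code

    def exchange(self, code: str) -> dict:
        if code not in self.issued:
            return {"error": "invalid_grant", "reason": "unknown code"}
        if code in self.redeemed:
            # Same outcome the issue reports: the code was consumed already.
            return {"error": "invalid_grant", "reason": "code already redeemed"}
        self.redeemed.add(code)
        return {"access_token": secrets.token_urlsafe(24), "token_type": "Bearer"}


class CallbackHandler:
    """Stand-in for the app's redirect view. `seen` plays the role of state
    shared by every web server (for example a session or cache store)."""

    def __init__(self, endpoint: TokenEndpoint, seen=None):
        self.endpoint = endpoint
        self.seen = seen if seen is not None else {}

    def handle(self, state: str, code: str) -> dict:
        # Idempotency guard: if this state/code pair was already processed,
        # return the stored result instead of redeeming the code a second time.
        key = (state, code)
        if key in self.seen:
            return self.seen[key]
        result = self.endpoint.exchange(code)
        self.seen[key] = result
        return result


def duplicate_callback_without_guard(endpoint: TokenEndpoint):
    """Same callback handled by two servers that share nothing (constructed
    scenario): the second redemption fails with 'code already redeemed'."""
    code = endpoint.issue_code()
    server_a = CallbackHandler(endpoint)
    server_b = CallbackHandler(endpoint)
    first = server_a.handle("state-1", code)
    second = server_b.handle("state-1", code)
    return first, second


def duplicate_callback_with_shared_guard(endpoint: TokenEndpoint):
    """Same scenario, but both servers consult one shared `seen` store, so the
    second delivery returns the first result and the code is redeemed once."""
    shared = {}
    code = endpoint.issue_code()
    server_a = CallbackHandler(endpoint, shared)
    server_b = CallbackHandler(endpoint, shared)
    first = server_a.handle("state-2", code)
    second = server_b.handle("state-2", code)
    return first, second


if __name__ == "__main__":
    print(duplicate_callback_without_guard(TokenEndpoint()))
    print(duplicate_callback_with_shared_guard(TokenEndpoint()))
```

The point of the guard is not to make a stale code valid again (the authorization server will never do that) but to make the application's own redirect view safe to run more than once for the same `state`/`code` pair, which only works if the store it consults is visible to every server handling the callback.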