{"Error":"invalid_request","ErrorDescription":"Client secret is expired."}

[nandin-borjigin]

[ChristianWalterMedia]

Same issue for me.

[s3fs]

Same for me. Any idea on how to work around this?

[rmacedo88]

Same issue here

[rogerprz]

Same

[olson-nathan]

There is a manual workaround documented here if you are currently blocked by this.

[rdpolarity]

Same issue here as well

[murieletrentini]

Same issue here. And it was working so nicely for the past months

[nandin-borjigin]

vsts-npm-auth could be a replacement before the author fixes this issue.

[murieletrentini]

Not for non-windows users unfortunately :-( vsts-npm-auth > 'The auth helper is currently only functional on a Windows machine'

[beatzball]

seems the issue is not specific to this package but the oauth resource that is being used by default: https://stateless-vsts-oauth.azurewebsites.net/

issue reported here: https://github.com/zumwald/stateless-vsts-oauth/issues/12

[ChristianWalterMedia]

There is a manual workaround documented here if you are currently blocked by this.

Worked perfectly. Thanks for the link.

[benrolfe]

These instructions helped me get the PAT manually: https://learn.microsoft.com/en-us/azure/devops/artifacts/npm/npmrc?view=azure-devops&tabs=linux%2Cclassic

[connorv001]

For anyone and everyone facing the same issue : Here is a potential fix :

1. Create an ADO App : https://app.vsaex.visualstudio.com/app/register
2. Note down the AppID and clientSecret somewhere secure.
3. Fork this repo : https://github.com/zumwald/stateless-vsts-oauth.git
4. Modify the variables : https://github.com/zumwald/stateless-vsts-oauth/blob/main/index.js#L12
5. Rename the main.handlebars to 'main.hbs`
6. Save this under Github (In my case, I used ADO for easy deployment later on but it doesn't matter)
7. Using Azure App Services (or something similar) deploy this code and fetch the URL make sure it's https enabled. In Azure App Services, this will be a bit easier -- you've to either configure CD within app service or you can go ahead and and use any deployment method of your own
8. You will get a URL from AAS then just go ahead and configure the enviornmental variable for the same within our data that we generated from the 1st step.
9. Fork this repo: https://github.com/zumwald/better-vsts-npm-auth.git
10. Modify the following:
    • https://github.com/zumwald/better-vsts-npm-auth/blob/main/package.json#L2
    • https://github.com/zumwald/better-vsts-npm-auth/blob/main/package.json#L15
    • https://github.com/zumwald/better-vsts-npm-auth/blob/main/lib/config.ts#L12 (Modify this section with the results you got from step 1)
      11. npm publish this package. This resolve the issue in my case ⚠️ This will charge on your Azure App Services if you're using it.

[janpro0706]

@connorv001

So instructive guides! But this can only works in single tenant which belongs to owned organization?

[connorv001]

@connorv001

So instructive guides! But this can only works in single tenant which belongs to owned organization?

I'm not a 100% sure, my best guess would be not really tho.. Since it's an app on ado and not on aad but I could be wrong

[janpro0706]

@connorv001

I've got this error which I don't know it really indicates... I will also dive into this issue, but if you have an idea to resolve this, please share your resolution.

[zumwald]

See https://github.com/zumwald/stateless-vsts-oauth/issues/12#issuecomment-1310682808

[nandin-borjigin]

Closing as duplicated of https://github.com/zumwald/stateless-vsts-oauth/issues/12#issuecomment-1310682808

I'm on vacation without access to a laptop to resolve this. The ADO portal to manage applications doesn't work on mobile, even with some attempts to spoof a desktop browser.

I'll look into this once I'm home. ETA for next response is by 21-Nov.

[nandin-borjigin]

Fixed https://github.com/zumwald/stateless-vsts-oauth/issues/12#issuecomment-1319027466