You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/entra/entra-id/app-integration/error-code-aadsts50173-grant-expired-revoked.md
+5-6Lines changed: 5 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,17 +16,16 @@ ms.custom: sap:Issues Signing In to Applications
16
16
17
17
When users try to sign in to an application that uses Microsoft Entra ID authentication, they receive the following error message:
18
18
19
-
20
19
> `AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '{authTime}' and the TokensValidFrom date (before which tokens are not valid) for this user is '{validDate}'.`
21
20
22
21
23
22
## Cause
24
23
25
24
This error occurs when the refresh token used for authentication has been revoked. This issue occurs if:
26
25
27
-
- The user changed or reset their password.
28
-
- The refresh token has expired.
29
-
-The refresh token has been revoked by an administrator.
26
+
- The user changes or resets their password.
27
+
- The refresh token expires.
28
+
-An administrator revokes the refresh token.
30
29
31
30
For more information, see:
32
31
@@ -40,13 +39,13 @@ To resolve this issue, follow these steps:
40
39
41
40
### For end users
42
41
43
-
On the application being used, try to locate an option to re-authenticate and clear any cached token information. This can also be achieved by signing out and signing back in to the application (when applicable/available).
42
+
On the application being used, try to locate an option to reauthenticate and clear any cached token information. This can also be achieved by signing out and signing back in to the application (when applicable/available).
44
43
45
44
### For application developers
46
45
47
46
If the application is using [Microsoft Authentication Library (MSAL)](/entra/identity-platform/msal-overview), follow guidance regarding on how to [Handle errors and exceptions in MSAL](/entra/msal/dotnet/advanced/exceptions/msal-error-handling).
48
47
49
-
If the application is not using [Microsoft Authentication Library (MSAL)](/entra/identity-platform/msal-overview), consult information about how to [Handle errors and exceptions in MSAL](/entra/msal/dotnet/advanced/exceptions/msal-error-handling) and try to implement a similar approach on the application. The goal is to request user to re-authenticate and obtain a fresh token.
48
+
If the application isn't using [Microsoft Authentication Library (MSAL)](/entra/identity-platform/msal-overview), consult information about how to [Handle errors and exceptions in MSAL](/entra/msal/dotnet/advanced/exceptions/msal-error-handling) and try to implement a similar approach on the application. The goal is to request user to re-authenticate and obtain a fresh token.
0 commit comments