05/11/2023, 7:40 AM
Hey guys, a colleague was testing using a service principal locally on an azure-native project by adding the Client ID, Secret, Tenant ID etc to the config file on one of the stacks. He has since removed those config entries and now when I attempt to manage the project locally I get the following error
error: autorest/Client#Do: Preparing request failed: StatusCode=0 -- Original Error: clientCredentialsToken: received HTTP status 401 with response: {"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app 'XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX'
Has anyone come across this? It seems like Pulumi is still attempting to authenticate using the service principal and not the Azure CLI account. Thanks!


05/11/2023, 5:48 PM
It’s possible the provider was being explicitly configured in code, maybe getting client and secret from config?