1
votes

I am using Azure AD Resource owner credentials OAuth flow. It was working as expected, but for approx. a month it has stopped working. Surprisingly, it's still working well for some users who are created as "Guest User" under the same directory. This is the exact error I am getting in response:

{"error":"invalid_grant","error_description":"AADSTS70002: Error validating credentials. AADSTS50126: Invalid username or password\r\nTrace ID: bd62a235-6a28-4c7d-bae9-37a36c0e4300\r\nCorrelation ID: 3bb7d88c-1ced-4cf2-9f37-5cc200849cea\r\nTimestamp: 2018-09-03 09:53:35Z","error_codes":[70002,50126],"timestamp":"2018-09-03 09:53:35Z","trace_id":"bd62a235-6a28-4c7d-bae9-37a36c0e4300","correlation_id":"3bb7d88c-1ced-4cf2-9f37-5cc200849cea"}

2
Have you checked whether this user's username or password has been changed by someone else? And is the error for all normal users or just for this user? - SunnySun
Can the users still log in via the UI? It may be that this happens if the users have multi-factor authentication enabled for their accounts. - Alex AIT

2 Answers

1
votes

It is possible that you didn't grant permissions to your app for certain users. Make sure all of the users are added to the app and ensure that you have the correct web.config or app settings parameters.

Also, have you tried manually resetting the passwords for these users in the portal?

Please check the troubleshooting steps on this similar thread to see if this can resolve the issue.

0
votes

As per the above error message (Error validating credentials. AADSTS50126: Invalid username or password), it occurs because the credentials are incorrect or the client does not have consent for the requested scope. This error may occur because scopes are not granted.

The screenshot below may help you pass the correct values in Postman:

enter image description here

Please make sure you consent to the scopes as shown below:

enter image description here

If you still get the same error, please try to use another user's credentials.

For more information on the ROPC flow, you can check the document below:

https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc#protocol-diagram

I hope this solves your issue.
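Added example, not part of either answer or of Microsoft's documentation: a Python sketch that builds the form body for a v2.0 ROPC token request, masks the password before logging, and parses the error body from the question into its AADSTS codes. The function names and the hint table are assumptions made for illustration; codes 50076 (MFA required) and 65001 (consent missing) do not appear on this page and are included because the comments and answers raise those causes.

```python
import json
import re
from urllib.parse import urlencode

# v2.0 token endpoint; the tenant value is supplied by the caller.
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
# Causes raised in this thread, keyed by AADSTS code (illustrative table).
HINTS = {
    50126: "username or password rejected: check the UPN and the password",
    50076: "multi-factor authentication required: ROPC cannot satisfy it",
    65001: "consent missing for the requested scope",
}
# Error body copied from the question, split across lines for readability.
SAMPLE = (
    r'{"error":"invalid_grant","error_description":"AADSTS70002: Error '
    r'validating credentials. AADSTS50126: Invalid username or password\r\n'
    r'Trace ID: bd62a235-6a28-4c7d-bae9-37a36c0e4300\r\n'
    r'Correlation ID: 3bb7d88c-1ced-4cf2-9f37-5cc200849cea\r\n'
    r'Timestamp: 2018-09-03 09:53:35Z","error_codes":[70002,50126],'
    r'"timestamp":"2018-09-03 09:53:35Z",'
    r'"trace_id":"bd62a235-6a28-4c7d-bae9-37a36c0e4300",'
    r'"correlation_id":"3bb7d88c-1ced-4cf2-9f37-5cc200849cea"}'
)

def build_ropc_request(tenant, client_id, username, password, scope):
    """Return (url, form-encoded body) for a ROPC token request."""
    fields = {"grant_type": "password", "client_id": client_id,
              "scope": scope, "username": username, "password": password}
    return TOKEN_URL.format(tenant=tenant), urlencode(fields)

def redact(body):
    """Mask the password field before the body is written to any log."""
    return re.sub(r"(^|&)password=[^&]*", r"\1password=***", body)

def parse_token_error(raw):
    """Parse an Azure AD token error into codes, ids and hints."""
    doc = json.loads(raw)
    lines = doc.get("error_description", "").splitlines()
    # Prefer the structured list; fall back to AADSTS tokens in the text.
    codes = doc.get("error_codes") or [
        int(c) for c in re.findall(r"AADSTS(\d+)", lines[0] if lines else "")]
    return {"error": doc.get("error"), "codes": codes,
            "trace_id": doc.get("trace_id"),
            "correlation_id": doc.get("correlation_id"),
            "hints": [HINTS[c] for c in codes if c in HINTS]}

if __name__ == "__main__":
    print(parse_token_error(SAMPLE))
```

The trace and correlation IDs returned by `parse_token_error` are the values to match against the Azure AD sign-in logs for the failed attempt.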