| Description | This article describes how to review the message log: 'The provided client secret keys for app 'XXXX-XXXX-XXXX-XXX-XXXX' are expired'. |
| Scope | FortiMail. |
| Solution |
The following error message, visible under the Antispam logs, indicates that the FortiMail M365 account's secret key has expired.
Microsoft Graph API: get access token; account: XXXX-XXXX-XXXX-XXX-XXXX; error: invalid_client (AADSTS7000222: The provided client secret keys for app 'XXXX-XXXX-XXXX-XXX-XXXX' are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds. Trace ID: XXXX-XXXX-XXXX-XXX-XXXX Correlation ID: XXXX-XXXX-XXXX-XXX-XXXXTimestamp: 2024-08-08 09:12:32Z) Since the client certificate cannot be unlimited, it will expire according to the M365 restrictions. Therefore, to continue scanning mailboxes, the client secret key should be renewed on both the M365 and FortiMail sides. Create a new 'Client Certificate' on Microsoft 365, copy the value of the key, and paste it into the 'Application Secret' on the FortiMail account. |
