Issue
If your organization is using Microsoft Entra ID as its identity provider for SSO and the associated client secret in Azure has expired, users will be unable to access Hyperproof. When attempting to log in, users may encounter a generic message such as “An unexpected error occurred. Please try again” or a Microsoft-specific error code like AADSTS7000222.
How to Identify the Problem
To confirm whether an expired client secret is the cause, check the URL of the error page after a failed login attempt. If the issue is related to the client secret, the URL will typically include keywords such as invalid expired client secret. For example:
If the full URL of the error message is viewed, you will see the following text if this is related to an expired client secret:
Steps to Resolve
If it’s determined that the client secret has expired, follow these steps to restore SSO access:
Generate a New Client Secret
In Azure, create a new client secret by following the instructions in Hyperproof’s SSO configuration guide:
SSO Configuration with Entra ID
( https://docs.hyperproof.io/admin/en/authentication-and-security/sso-azure-ad-oidc.html )Update the Secret in Hyperproof
Provide the new client secret to a Hyperproof organization administrator, who can then update the SSO settings accordingly.
Once the update is complete, users should be able to log in to Hyperproof using SSO again.
Note
If your organization has configured SSO as "Required for all users" and the client secret expires, all users—including administrators—will be locked out of Hyperproof. In this situation, please open a support ticket. The Hyperproof Support team will assist you in regaining access to update the client secret.
Please keep in mind that the client secret is managed through Microsoft Entra ID, and Hyperproof has no visibility into its expiration status. To prevent future disruption, we strongly recommend setting a recurring task or reminder to proactively refresh the secret before it expires.
REF 000001397