Authentication Failure: AADSTS90023: Invalid STS request

[jbdaudet]

I'm unable to connect to sharepoint O365 with an email + password: the error message I receive seems not to have been reported yet: Invalid Request: AADSTS90023: Invalid STS request Any idea what could be causing this? The email + password successfully work with an other python package (shareplum) which unfortunately does not offer the functionalities I need.

[nickallan1]

I'm having the same issue.

[SHcoding]

I am also having this issue. I do not have any special characters in my password etc.

[Mark531]

Same issue.

[sharan21]

I tried the following change^, does not work. Any progress with this issue?

[hdkdinh]

We also meet this issue. Our user has two Microsoft accounts. When he login into Outlook 365 and meet this error. Do you have any solution for this? Thanks.

[JonathanHolvey]

Please try the SharePy v2 beta that's now available on PyPI.

pip install sharepy==2.0.0b1.post2

[Geigco]

In my case "AADSTS90023: Invalid STS request." meant just that. The request was invalid.

The reason my SOAP request to https://login.microsoftonline.com/extSTS.srf was invalid was because I did not encode the the values in <o:Password>. If you have a character like an ampersand (&) you must replace it with "&amp;".

Just look up XMLEncoding. There will be a XML Encode function in all major programming languages.

While this might not fix your specific problem it might help out a good amount of people.

[JonathanHolvey]

The reason my SOAP request to https://login.microsoftonline.com/extSTS.srf was invalid was because I did not encode the the values in <o:Password>. If you have a character like an ampersand (&) you must replace it with "&amp;".

Are you sure this is the case? SharePy is already escaping any special characters in both your username and password, using the xml.sax.saxutils.escape function. This will substitute & with &, which should be enough to make the XML valid.

[MareSeestern]

Same issue

[Colin-Root]

Anyone solved this issue? I am facing the same problem.

[Maswdle]

I am facing the same problem again...

[xcx-lx]

我一样

[ardalis]

Same. Request Id: 19f19d8f-f085-41a0-ac0b-b0072621bf01 Correlation Id: 67352a28-fbf7-4e11-9148-6a0cc67d94d3 Timestamp: 2022-12-13T02:38:04Z Message: AADSTS90023: Invalid STS request.

[Geigco]

Same. Request Id: 19f19d8f-f085-41a0-ac0b-b0072621bf01 Correlation Id: 67352a28-fbf7-4e11-9148-6a0cc67d94d3 Timestamp: 2022-12-13T02:38:04Z Message: AADSTS90023: Invalid STS request.

Did you look for characters that aren't allowed in XML? This is most people's issue.

[ardalis]

In what? My email address is just a standard [email protected] address. And there's no way my password should be passed around as part of this. I do not have any < > & characters in my password, either, which should be the most likely culprits.

[Tadaz]

In my case "AADSTS90023: Invalid STS request." meant just that. The request was invalid.

The reason my SOAP request to https://login.microsoftonline.com/extSTS.srf was invalid was because I did not encode the the values in <o:Password>. If you have a character like an ampersand (&) you must replace it with "&".

Just look up XMLEncoding. There will be a XML Encode function in all major programming languages.

While this might not fix your specific problem it might help out a good amount of people.

Life saving... Took me hours to find out this.