I’ve been deploying a SharePoint app to a new farm (actually, it’s a different O365 tenant), and so I had to generate a new CLIENT ID and SECRET.
I’d updated this within the WEB.CONFIG of my provider hosted app – ASP.NET MVC running on Azure – and then published to my Azure WebSite.
BUT – I’m getting this error when using the app from SharePoint :
SecurityTokenException: Invalid issuer or signature.
It turns out that I’d forgotten to update the properies within Azure.
Those settings in the WEB.CONFIG are for a localhost deployment – you need to use the “CONFIGURE” page for Azure.
Scroll down – and check that you’ve correctly set the (NEW) client id and secret.
Make sure to click “SAVE” – and then you should be A-OK to simply re-try the SharePoint app.
It would be nice if the exception message gave more details ! “check the ClientID and Secret” !
🙂
Hopefully that helps someone !
