Skip to main content

How to Resolve Microsoft Azure Integration Token Errors in ZenContract

  • Updated

Issue: Users with Microsoft Office 365/Azure integrations receive an error message: "An unexpected error occurred while generating Microsoft tokens" when signing into their Microsoft Office 365 account.

What Causes This Error?

This error typically occurs due to expired Azure application client secrets. Microsoft Azure applications use client secrets for authentication, and these secrets have expiration dates (usually 1-2 years). When they expire, ZenContract can no longer authenticate with Microsoft's services.

 

How to Resolve This Issue

For Organization Administrators:

Step 1: Check Your Azure App Registration

  • Sign in to the Azure Portal
  • Navigate to Microsoft Entra ID (formerly Azure Active Directory)
  • Select App registrations
  • Find your ZenContract application registration
  • Click on Certificates & secrets

Step 2: Check Secret Expiration

In the Client secrets section, check if any secrets show as "Expired"
Note: the expiration dates of your current secrets

 

Step 3: Create a New Client Secret

  • Click + New client secret
  • Enter a description (e.g., "ZenContract Integration - [Current Date]")
  • Choose an expiration period:
    • 6 months (more secure, requires more frequent updates)
    • 12 months (recommended balance)
    • 24 months (maximum, less frequent updates)
  • Click Add
  • IMPORTANT: Copy the secret Value immediately - you won't be able to see it again.

Step 4: Update ZenContract with New Secret

  • Log into your ZenContract admin panel
  • Navigate to System → Admin → Azure
  • Paste the new client secret value into the Azure Client Secret field
  • Click Test Connection to verify the credentials work
  • Click Save Changes

Step 5: Clean Up Old Secrets

  • Return to the Azure Portal
  • Delete the expired client secret(s) from your app registration
  • Keep only the active, non-expired secrets

 

For Individual Users:


If you continue to see this error after your administrator has updated the client secret:

  • Sign out of Microsoft Office 365 in ZenContract:
  • Go to your My Profile page
  • Click Sign Out under Microsoft Office 365 integration
  • Clear your browser cache and cookies
  • Sign back into Microsoft Office 365:
  • Go to your My Profile page
  • Click Connect to Microsoft Office 365
  • Complete the authorization process

Prevention Tips

For Administrators:

  • Set calendar reminders 30 days before your client secrets expire
  • Consider using certificates instead of secrets for longer-term authentication
  • Keep a record of when secrets were created and their expiration dates
  • Test the integration periodically to catch issues early

Still Need Help?


If you continue experiencing issues after following these steps:

  1. Verify that your Azure app registration has the correct API permissions
  2. Check that the Tenant ID and Client ID in ZenContract match your Azure app registration
  3. Ensure your Microsoft 365 license includes the required permissions for integration
  4. Contact support@zencontract.com with:
    • The exact error message you're seeing
    • Screenshots of your Azure app registration configuration
    • Your ZenContract organization details

 

Related Articles

Set Up Microsoft Outlook and SharePoint (Step 1: Create Azure Application)

 

Related articles

Powered by Zendesk