AADSTS54005: OAuth2 Authorization code was already redeemed

Problem

I have been working with an application that uses the Device Code Flow to authenticate an Office 365 user to consume Graph API resources. My code was working fine until today, but unfortunately today I got the error below.

error: "invalid_grant"
error_codes: [54005]
error_description: "AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.

Solution

As you can see, the error message is self-explanatory, so I looked for the solution along those lines. I finally found that the real problem was in my code: my recent changes caused the get token API to be called two times. The first call returns a valid token, but when the same device code is used in the second call, we get the above error message. The problem was solved after removing the extra call to the get token endpoint with the same code.
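One way to make the double redemption described above impossible by construction is to let a single object own the device code, cache the token after the first successful call, and use the refresh token afterwards. This is an added example, not code from the original post; `FakeTokenEndpoint`, `DeviceCodeSession` and all token values are hypothetical, constructed names so the sketch runs offline.

```python
# Added example. FakeTokenEndpoint is a constructed stand-in for the token
# endpoint so this runs offline; all class and method names are hypothetical.
DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"

class FakeTokenEndpoint:
    """Constructed simulation: a device code can be redeemed only once."""
    def __init__(self, pending_polls=1):
        self.pending_polls = pending_polls
        self.redeemed = set()
        self.calls = 0

    def post(self, form):
        self.calls += 1
        if form["grant_type"] == "refresh_token":
            return {"access_token": "at-refreshed", "refresh_token": "rt-2"}
        code = form["device_code"]
        if code in self.redeemed:  # second redemption of the same code
            return {"error": "invalid_grant", "error_codes": [54005]}
        if self.pending_polls > 0:  # user has not finished signing in yet
            self.pending_polls -= 1
            return {"error": "authorization_pending"}
        self.redeemed.add(code)
        return {"access_token": "at-1", "refresh_token": "rt-1"}

class DeviceCodeSession:
    """Owns one device code and guarantees it is redeemed at most once."""
    def __init__(self, endpoint, client_id, device_code):
        self.endpoint, self.client_id = endpoint, client_id
        self.device_code, self.tokens = device_code, None

    def get_token(self, max_polls=5):
        if self.tokens:  # already redeemed: never resend the device code
            return self.tokens["access_token"]
        for _ in range(max_polls):
            resp = self.endpoint.post({"grant_type": DEVICE_GRANT,
                "client_id": self.client_id, "device_code": self.device_code})
            if resp.get("error") == "authorization_pending":
                continue  # real code sleeps for the server-given interval here
            if "error" in resp:
                raise RuntimeError(resp)
            self.tokens, self.device_code = resp, None  # drop the spent code
            return resp["access_token"]
        raise TimeoutError("user did not finish sign-in")

    def refresh(self):
        self.tokens = self.endpoint.post({"grant_type": "refresh_token",
            "client_id": self.client_id,
            "refresh_token": self.tokens["refresh_token"]})
        return self.tokens["access_token"]
```

Calling `get_token()` a second time returns the cached token without touching the endpoint, which is the extra call that triggered AADSTS54005 here.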
