Let's fix all the problems!

How to log in to Microsoft’s websites (MSDN forums, Azure Portal, SharePoint Online) when you get a “Bad Request” error?

This post was most recently updated on April 26th, 2019.

Reading Time: 5 minutes.

Every now and then, something like half of Microsoft’s websites will suddenly stop working – this applies to at least Azure Portal, SharePoint Online sites, MSDN forums, Office Onlineand probably a thousand of other sites.

The error is most of the time something like this:

Bad Request - Request Too Long 
HTTP Error 400. The size of the request headers is too long.

Or like shown below:

Azure Portal throwing an error: "Bad Request - Request Too Long HTTP Error 400. The size of the request headers is too long."
Azure Portal throwing an error: “Bad Request – Request Too Long HTTP Error 400. The size of the request headers is too long.”

Or alternatively, you’re just stuck in a authentication loop forever. In this case, you don’t really have time to get an error message of any kind – but sometimes the solution is still the same!

In any case, this effectively blocks you from accessing the site. Most typically, I’ve encountered this on MSDN forums or Azure Portal – you just get a very blunt, unfriendly and quite useless error message, like above. This applies even to Microsoft’s services, that don’t seem to require logging in – but actually do so, in the background (like Tech Community).

This effectively blocks your access to these sites. Annoying!

Yet once again, the solution is almost stupidly simple.

Reason: Cookie mismatch

This has left me scratching my head a few times – why can’t I access SharePoint Online anymore? Why do I get a Bad Request error when accessing MSDN forums? What’s this HTTP Error 400 when opening Azure Portal? Why does my Outlook Web Access end up in everlasting authentication loop with no exit in sight?

Yeah, it is a bit baffling, isn’t it?

Most of the time, weirdly enough, it wasn’t your fault, though. And it’s not the authentication infrastructure gone haywire either. Instead there’s something amiss with the authentication configuration – and there’s a workaround.

This seems to be simply a cookie mismatch error of sorts, and this error (in a couple of different forms, I guess) has existed on Microsoft’s different sites for quite a few years already. I’m guessing it’s caused by using multiple different accounts for authenticating against different Microsoft’s sites and services, and some of the cookies being leftover from earlier sessions and sites just trying different implicit logging in maneuvers – but failing.

In the end, all of this is just guesswork. The more important part is, that it’s easy to fix!

Solution 1: log in on login.microsoftonline.com

Okay, let’s get the simple stuff out of the way first: maybe the site you’re trying to access actually does have some issues with their authentication. Maybe it’s not you, it’s them.

In this case, it’s a good idea to try logging in using Microsoft’s out-of-the-box login service. Hit the link below and try it out:

https://login.microsoftonline.com

Did it not work? Still the same error? Okay, check out the other solution below!

Solution 2: Remove cookies for Microsoft’s domains

For whatever reason, the typical solution people propose for this issue is to clear your cache and get rid of all cookies. But if you ask me, that’s a huge overkill. You’ll lose all the cached files, all of your existing sessions, all of the cookies, personalization suffers – you usually don’t want that.

And before you remind me, that nuking the whole browser cache is a great option because it removes tracking cookies and ad targeting as well, let me counter that by noting that it’s the wrong solution for that problem :) You should be either using a browser extension or a privacy-oriented browser (like Brave) if you hate ads and tracking cookies. Nuking your cache is approaching the issue from wrong angle!

Okay, but back to the topic – almost surgigally removing Microsoft’s cookies, to force a reauthentication. How to do that?

Since it’s the authentication cookie, that has somehow gone haywire, we’ll just need to get rid of it. And since you actually just want to get rid of the offending cookie and save everything else, here’s what to do!

How to remove invalid cookies for a Microsoft login (such as MSDN login) in Google Chrome:

  1. Click on the site info area in Chrome’s Omnibox (that’s the name of the URL text box in Chrome!)
  2. Click on Cookies (x in use)” (see picture for “Step 1” below).
  3. This should open a new window, where you can see different domains that have set cookies for this site (see picture for “Step 2” below).
  4. Click “Remove” while you’ve selected the domain you were logging in for (or if “login.microsoftonline.com” exists, you can select it, too).
  5. After removing the cookies, you should be able to log in successfully when refreshing the page!
How to remove all cookies in Google Chrome - step 1
Step 1: How to remove all cookies in Google Chrome

And the next step below…

How to remove all cookies in Google Chrome - step 2
Step 2: How to remove all cookies in Google Chrome

Where might this be required?

I’m guessing that you can encounter this issue on any Microsoft web property using authentication. Here’s the list where I’ve encountered the issue so far:

  • Office 365 The Portal
  • Different Office 365 services, most notably:
    • SharePoint Online
    • Microsoft Teams
    • Microsoft Office Online services
  • Azure Portal
  • MSDN Forums
  • Tech Community

To an observant reader, the list above raises a question, though… It has sites that DON’T require authentication! What’s up with that?

Why should I do this on MSDN forums? I’m not logged in!

On some pages, such as MSDN forums, the log-in action might be implicit (it happens automatically in the background). Hence you won’t be ever asked any questions or asked to do any logging in actions. But if you can now access the site, the fix worked.

Let me know whether it worked for you!

Further reading

The same issue has been noticed elsewhere on the internet – and one of my favorite bloggers out there, Marc D Anderson, describes another way to fix this (through Chrome’s settings instead of site settings). While I prefer my way, his instructions might suit your needs better. Check it out here: https://sympmarc.com/2017/01/04/fixing-the-bad-request-request-too-long-error-with-office-365-in-chrome/

Antti K. Koskela

Antti Koskela is a proud digital native nomadic millennial full stack developer (is that enough funny buzzwords? That's definitely enough funny buzzwords!), who works as a Solutions Architect for Valo Intranet, the product that will make you fall in love with your intranet. Working with the global partner network, he's responsible for the success of Valo deployments happening all around the world.

He's been a developer from 2004 (starting with PHP and Java), and he's been bending and twisting SharePoint into different shapes since MOSS. Nowadays he's not only working on SharePoint, but also on .NET projects, Azure, Office 365 and a lot of other stuff.

This is his personal professional (e.g. professional, but definitely personal) blog.
mm

Leave a Reply

avatar
5000
  Subscribe  
Notify of