AADSTS90013: Invalid input received from the user. (header thumbnail)

Solving error “AADSTS90013: Invalid input received from the user”

I stumbled upon a customer, that complained about some pages in their intranet throwing weird errors with authentication. Those pages seemed to have one thing in common – there was a Yammer embed (or a SharePoint script webpart with Yammer embed script in it, to be precise) there. The error code they got was “AADSTS90013: Invalid input received from the user”.

Below, you can see an example of the error screen.

AADSTS90013: Invalid input received from the user.
AADSTS90013: Invalid input received from the user.

Okay – this is going to be extremely specific, and probably won’t solve the issue for all of you out there! But this is what worked for this customer:

Solution: Check Yammer embed for issues in authentication configuration

In this case, there was a Yammer embed on the page that threw the error. If you’d use a tool like Wireshark (or Chrome network tab and had quick fingers), you’d see that the authentication call to Yammer failed. Hence you’re redirected to login page, which tries to authenticate you against Yammer – and fails. Quite catastrophically, even, and doesn’t return you to the original site.

AADSTS90013: Network-tab shows that call to yammer fails
AADSTS90013: Network-tab shows that we’re authenticating against Yammer

Now, this should be a fairly fast detour for the user – the login page should actually log you in and then redirect you back! But alas, it fails. Why?

In this particular case, the Yammer embed script was misconfigured. There were extra < > -letters in the network name, and that messed up the authentication. However, the same code had worked just fine for months – even though the embed had those extra letters!

What was wrong with the embed in this case?

So whereas it should’ve been something like this:

<div id="embedded-feed" style="height:800px;width:400px;"></div>
<script type="text/javascript" src="https://s0.assets-yammer.com/assets/platform_embed.js"></script>
<script type="text/javascript">

yam.connect.embedFeed({

  container: "#embedded-feed",
  network: "yammernetworkname",

});

</script>

It was like this:

<div id="embedded-feed" style="height:800px;width:400px;"></div>
<script type="text/javascript" src="https://s0.assets-yammer.com/assets/platform_embed.js"></script>
<script type="text/javascript">

yam.connect.embedFeed({

  container: "#embedded-feed",
  network: "<yammernetworkname>",

});

</script>

(Yammer embed options omitted for clarity)

So, even with the “network” attribute containing a faulty value, it used to work for quite some time. Suddenly, it stopped working.

We couldn’t figure out the actual reason why it stopped working. Could be Microsoft making changes to Yammer platform JavaScript -library, or tweaking Azure AD authentication settings.

The embed script itself was probably broken all along. The main thing for us was that everything started working after the embed script was fixed! 🙂

The following two tabs change content below.

Antti K. Koskela

Solutions Architect / Escalations Engineer at Koskila / Norppandalotti Software / Valo Solutions
Antti Koskela is a proud digital native nomadic millenial full stack developer (is that enough funny buzzwords? That's definitely enough funny buzzwords!), who works as a Solutions Architect for Valo Intranet, the product that will make you fall in love with your intranet. Working with the global partner network, he's responsible for the success of Valo deployments happening all around the world. He's been a developer from 2004 (starting with PHP and Java), and he's been bending and twisting SharePoint into different shapes since MOSS. Nowadays he's not only working on SharePoint, but also on .NET projects, Azure, Office 365 and a lot of other stuff. This is his personal professional (e.g. professional, but definitely personal) blog.

Let me know your thoughts!