Unable to get OneDrive token

Help and Support
1

What is the problem you are having with rclone?

My OneDrive client secret expired.
I set a new one in Azure Portal and tried to set it in rclone.
I tried :

  • directly on the server, using the copy/paste of the command "rclone authorize "onedrive" "xxxxxxxxxxxx"" on my computer
  • following other post recommandation, I tried also to set it up directly on my computer to later copy the config file

In both cases I received a Success! message in the browser but got the following error message :
NOTICE: Fatal error: failed to get token: oauth2: "invalid_grant" "AADSTS70000: The provided value for the 'code' parameter is not valid. The code has expired.

Run the command 'rclone version' and share the full output of the command.

rclone v1.69.1

  • os/version: darwin 13.7 (64 bit)
  • os/kernel: 22.6.0 (x86_64)
  • os/type: darwin
  • os/arch: amd64
  • go/version: go1.24.0
  • go/linking: dynamic
  • go/tags: cmount

Which cloud storage system are you using? (eg Google Drive)

OneDrive

Please run 'rclone config redacted' and share the full output. If you get command not found, please make sure to update rclone.

[OneDrive Perso]
type = onedrive
client_id = XXX
client_secret = XXX

A log from the command that you were trying to run with the -vv flag

rclone authorize -vv "onedrive" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
2025/04/02 08:38:43 DEBUG : rclone: Version "v1.69.1" starting with parameters ["rclone" "authorize" "-vv" "onedrive" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"]
2025/04/02 08:38:43 DEBUG : **temp-fs**: config in: state="", result=""
2025/04/02 08:38:43 DEBUG : Using config file from "/Users/XXX/.config/rclone/rclone.conf"
2025/04/02 08:38:43 DEBUG : OAuth only is set - overriding return state
2025/04/02 08:38:43 DEBUG : **temp-fs**: config out: out=&{State:*oauth,,, Option:<nil> OAuth:<nil> Error: Result:}, err=<nil>
2025/04/02 08:38:43 DEBUG : **temp-fs**: config in: state="*oauth,,,", result=""
2025/04/02 08:38:43 DEBUG : **temp-fs**: config out: out=&{State:*oauth-confirm,,, Option:<nil> OAuth:<nil> Error: Result:}, err=<nil>
2025/04/02 08:38:43 DEBUG : **temp-fs**: config in: state="*oauth-confirm,,,", result=""
2025/04/02 08:38:43 DEBUG : Auto confirm is set, choosing default "true" for state "*oauth-islocal,,,", override by setting config parameter "config_is_local"
2025/04/02 08:38:43 DEBUG : **temp-fs**: config out: out=&{State:*oauth-islocal,,, Option:<nil> OAuth:<nil> Error: Result:true}, err=<nil>
2025/04/02 08:38:43 DEBUG : **temp-fs**: config in: state="*oauth-islocal,,,", result="true"
2025/04/02 08:38:43 DEBUG : **temp-fs**: config out: out=&{State:*oauth-do,,, Option:<nil> OAuth:<nil> Error: Result:}, err=<nil>
2025/04/02 08:38:43 DEBUG : **temp-fs**: config in: state="*oauth-do,,,", result=""
2025/04/02 08:38:43 NOTICE: Make sure your Redirect URL is set to "http://localhost:53682/" in your custom config.
2025/04/02 08:38:43 DEBUG : Starting auth server on 127.0.0.1:53682
2025/04/02 08:38:43 NOTICE: If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth?state=HXPZALb33LdYL3Eivq5mSQ
2025/04/02 08:38:43 NOTICE: Log in and authorize rclone for access
2025/04/02 08:38:43 NOTICE: Waiting for code...
2025/04/02 08:38:43 DEBUG : Redirecting browser to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?access_type=offline&client_id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&redirect_uri=http%3A%2F%2Flocalhost%3A53682%2F&response_type=code&scope=Files.Read+Files.ReadWrite+Files.Read.All+Files.ReadWrite.All+Sites.Read.All+offline_access&state=xxxxxxxxxxxxxxxxxxxxxxxxx
2025/04/02 08:38:46 DEBUG : Received GET request on auth server to "/"
2025/04/02 08:38:46 NOTICE: Got code
2025/04/02 08:38:46 DEBUG : Closing auth server
2025/04/02 08:38:46 DEBUG : Closed auth server with error: accept tcp 127.0.0.1:53682: use of closed network connection
2025/04/02 08:38:47 DEBUG : **temp-fs**: config out: out=<nil>, err=failed to get token: oauth2: "invalid_grant" "AADSTS70000: The provided value for the 'code' parameter is not valid. The code has expired. Trace ID: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Correlation ID: xxxxxxxxxxxxxxxxxxxxxxxxxxx Timestamp: 2025-04-02 06:38:47Z" "https://login.microsoftonline.com/error?code=70000"
Error: failed to get token: oauth2: "invalid_grant" "AADSTS70000: The provided value for the 'code' parameter is not valid. The code has expired. Trace ID: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Correlation ID: xxxxxxxxxxxxxxxxxxxxxxxxxxx Timestamp: 2025-04-02 06:38:47Z" "https://login.microsoftonline.com/error?code=70000"
2

It is hard to guess what might be wrong.

But given that others report OneDrive token creation using Azure as working I would suspect that you made some mistake.

Sometimes it helps to delete it and start again making sure that you follow documentation very carefully.

Also have a look at the exactly the same issue here: