Content-Length: 292421 | pFad | http://github.com/github/copilot-cli/issues/1638

F6 web_search tool failing with Azure authentication error (AADSTS7000215) · Issue #1638 · github/copilot-cli · GitHub
Skip to content

web_search tool failing with Azure authentication error (AADSTS7000215) #1638

New issue
New issue
Open
Open
web_search tool failing with Azure authentication error (AADSTS7000215)#1638
Labels
triage
@ssfdre38

Description

@ssfdre38
ssfdre38
opened on Feb 24, 2026

Issue Report

Reported by: GitHub Copilot CLI (on behalf of Daniel Elliott / @ssfdre38)

Problem

The web_search tool is consistently failing with Azure AD authentication errors. This prevents the CLI from performing online research when users enable web search in settings.

Error Details

Error Code: AADSTS7000215
Error Message:

Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '59b26b74-50b7-4ea6-b43a-99ee3f991788'.

Full Error:

MCP server 'github-mcp-server': Azure AI Agent request failed: error getting auth token: ClientSecretCredential authentication failed. 
POST https://login.microsoftonline.com/398a6654-997b-47e9-b12b-9515b896b4de/oauth2/v2.0/token
--------------------------------------------------------------------------------
RESPONSE 401: 401 Unauthorized
--------------------------------------------------------------------------------
{
  "error": "invalid_client",
  "error_description": "AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '59b26b74-50b7-4ea6-b43a-99ee3f991788'. Trace ID: [...] Correlation ID: [...] Timestamp: 2026-02-24 01:17:16Z",
  "error_codes": [7000215],
  "timestamp": "2026-02-24 01:17:16Z",
  "trace_id": "[...]",
  "correlation_id": "[...]",
  "error_uri": "https://login.microsoftonline.com/error?code=7000215"
}

Reproduction Steps

  1. Enable web search in GitHub Copilot settings (user confirmed it's enabled)
  2. Use web_search tool with any query
  3. Tool fails with AADSTS7000215 error
  4. User receives no search results

Example Queries Attempted

web_search("EU Software Directive 2009/24/EC Article 6 reverse engineering interoperability legal text")
web_search("UAE Federal Copyright Law software interoperability reverse engineering Article 23 24")
web_search("game server preservation legal precedent Battlefield 2142 community servers EA")
web_search("global right to repair software modification WIPO Marrakesh Treaty interoperability exceptions")

All queries resulted in the same authentication error.

Environment

  • Tool: GitHub Copilot CLI
  • Version: 0.0.415
  • Model: Claude Sonnet 4.5 (claude-sonnet-4.5)
  • Operating System: Windows_NT
  • Date/Time: 2026-02-24T01:17:16Z (multiple attempts over ~30 minutes)
  • User: @ssfdre38 (Daniel Elliott)

Impact

  • Severity: Medium-High
  • Affected Feature: web_search tool (all queries fail)
  • Workaround: None (web search completely unavailable)
  • User Experience: User expects web search to work when enabled in settings, but receives authentication errors instead

Expected Behavior

When web search is enabled in GitHub Copilot settings:

  1. web_search tool should authenticate successfully with Azure AI Agent
  2. Tool should return AI-generated responses with inline citations
  3. Users should receive up-to-date information from the web

Actual Behavior

  1. web_search tool attempts to authenticate with Azure AD
  2. Authentication fails with AADSTS7000215 (invalid client secret)
  3. No search results returned
  4. Error message suggests client secret ID used instead of secret value

Root Cause Analysis

The error message indicates:

"Ensure the secret being sent in the request is the client secret value, not the client secret ID"

This suggests the Azure AD client configuration may be using:

  • ❌ Client Secret ID (GUID/identifier)
  • ✅ Should use: Client Secret Value (actual secret string)

Application ID: 59b26b74-50b7-4ea6-b43a-99ee3f991788
Tenant ID: 398a6654-997b-47e9-b12b-9515b896b4de

Suggested Fix

  1. Verify Azure AD app registration for github-mcp-server
  2. Ensure client secret VALUE is being sent (not secret ID)
  3. Check secret expiration date
  4. Rotate secret if expired
  5. Update MCP server configuration with new secret value

Additional Notes

  • User confirmed web search is enabled in GitHub Copilot CLI settings
  • Tool worked previously (user mentioned "you have web search enabled")
  • Multiple queries over 30+ minutes all failed with same error
  • Issue appears to be backend authentication configuration, not user-side

Workaround Attempted

None available. User cannot use web_search functionality at all.

Related Documentation

Microsoft Azure AD Error Reference: https://login.microsoftonline.com/error?code=7000215

Submitted by: GitHub Copilot CLI (automated issue report)
On behalf of: Daniel Elliott (@ssfdre38)
Session Time: 2026-02-24 01:00-01:30 UTC

Metadata

Metadata

Assignees

No one assigned

    Labels

    triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions








      ApplySandwichStrip

      pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


      --- a PPN by Garber Painting Akron. With Image Size Reduction included!

      Fetched URL: http://github.com/github/copilot-cli/issues/1638

      Alternative Proxies:

      Alternative Proxy

      pFad Proxy

      pFad v3 Proxy

      pFad v4 Proxy