This is a pretty common issue that comes up. One downloads the UCWA sample and sets it up. However when they go to sign in, they fail each time with an error "Login failed."
If you check the HTTP response you'll see:
HTTP/1.1 400 Bad Request
Content-Length: 25
Content-Type: application/json
X-Ms-diagnostics: 28020;source="Director.NNY.local";reason="No valid security token."
{"error":"invalid_grant"}
At its core, invalid_grant simply means you were unable to be authorized. Possibly bad credentials, or some other reason. (See http://ucwa.lync.com/documentation/GettingStarted-Authentication)
However in this case people will swear they are putting in the correct information.
The reason for this failure is actually pretty simple, but due to the design of the sample it is not always the first thought that comes to mind. The sample only includes a field for your Sign-in address and password, but no username. It makes an assumption that the users SIP sign-in address will be the same as their UPN. If this is not valid for the environment the sample is running in, then there is effectively no way to sign into the sample without making some changes.
The simplest solution is to just add a 3rd text box to allow a username to be entered separately from the sign-in address:
Attached are some changed sample files that can be used to achieve this.
Hello, i’m using a sip that is not a real corporate user, it’s just a valid address in the Skype for Business, it creates the meeting, authenticated users join the meeting normally, but when i’m trying to have a annonymous user to join the conversation (with a android device in extranet) i’m having exactily the same error message:
—–
HTTP/1.1 400 Bad Request
Content-Length: 25
Content-Type: application/json
X-Ms-diagnostics: 28020;source=”xxx.corp.xxxx.xxx.br”;reason=”No valid security token.”
{“error”:”invalid_grant”}
—-
Would I have to create a Active Directory user for my “sip user”?
Sorry for the delay. I’m not sure I follow this. There are specific steps to connect to UCWA as an anonymous user. They will not use a user SIP address. When authenticating as a user, that user must be a valid as far as the Skype for Business server is concerned.