
SAS token mismatch on Azure DPS with Azure IoT Edge


I have a recent issue with DPS registration requests, giving me this error:

    {"Message":"{"errorCode":401002,"message":"The specified SAS token has an invalid signature. It does not match either the primary or secondary key.","trackingId":"E377D48366F943E189A5FEA744D89D95-G2:-TimeStamp:2025-01-03T14:15:03.453324531Z","timestampUtc":"2025-01-03T14:15:03.453324531Z","info":null}","ExceptionMessage":""}

I have two different IoT Hubs in different environments, and my devices are running IoT Edge with group enrollment symmetric keys, but the Azure Identity daemon seems to only be able to register in one of the DPS environments. For the other one, I get that error. I already tried to regenerate the keys. It has been working for many months now, but all of a sudden it doesn't work anymore in that environment. And I can't remember changing anything in the setup.

Thanks for helping


Solution

  • After getting some help from the Azure support team, it appears that the error came from DPS not being able to communicate with the linked IoT Hub. That link was broken, but no flag is given on the DPS, so I had no chance to find the issue.

    The user-friendly way of recovering from this is to delete the link from the DPS tab and recreate it. With Azure CLI, here's how to update the IoT hub connection string registered by DPS:

    az iot dps update --name MyExampleDps --set properties.iotHubs[0].connectionString="HostName=MyExampleHub-2.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=NewTokenValue"
    

    (Taken from documentation https://learn.microsoft.com/en-us/azure/iot-dps/how-to-manage-linked-iot-hubs?tabs=cli#update-keys-for-linked-iot-hubs )
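
An added example, not part of the original answer: a local check that a device's DPS SAS token really is signed with a key derived from the group enrollment key, which rules out the device side before looking at the linked hub. It follows the documented symmetric-key scheme for group enrollments; the ID scope, registration ID and keys below are constructed sample values.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import quote, unquote

def derive_device_key(group_key_b64: str, registration_id: str) -> str:
    """Group enrollment: device key = HMAC-SHA256(group key, registration ID)."""
    mac = hmac.new(base64.b64decode(group_key_b64),
                   registration_id.encode(), hashlib.sha256)
    return base64.b64encode(mac.digest()).decode()

def _sign(key_b64: str, sr_encoded: str, expiry: int) -> str:
    # String to sign is "<url-encoded resource URI>\n<expiry epoch seconds>".
    msg = f"{sr_encoded}\n{expiry}".encode()
    digest = hmac.new(base64.b64decode(key_b64), msg, hashlib.sha256).digest()
    return base64.b64encode(digest).decode()

def build_sas_token(id_scope: str, registration_id: str,
                    device_key_b64: str, expiry: int) -> str:
    sr = quote(f"{id_scope}/registrations/{registration_id}", safe="")
    sig = quote(_sign(device_key_b64, sr, expiry), safe="")
    return f"SharedAccessSignature sr={sr}&sig={sig}&se={expiry}&skn=registration"

def token_matches_group_key(token: str, group_key_b64: str, now=None) -> bool:
    """True if the token is unexpired and signed with a key derived from group_key_b64."""
    fields = dict(p.split("=", 1) for p in token.split(" ", 1)[1].split("&"))
    sr, expiry = fields["sr"], int(fields["se"])
    registration_id = unquote(sr).rsplit("/", 1)[1]
    expected = _sign(derive_device_key(group_key_b64, registration_id), sr, expiry)
    signed_ok = hmac.compare_digest(expected, unquote(fields["sig"]))
    return signed_ok and expiry > (time.time() if now is None else now)

# Constructed sample values, not real credentials.
ID_SCOPE = "0ne00000000"
REG_ID = "edge-device-01"
PRIMARY = base64.b64encode(b"constructed-primary-group-key-01").decode()
SECONDARY = base64.b64encode(b"constructed-secondary-group-key2").decode()

if __name__ == "__main__":
    token = build_sas_token(ID_SCOPE, REG_ID,
                            derive_device_key(PRIMARY, REG_ID),
                            int(time.time()) + 3600)
    for name, key in (("primary", PRIMARY), ("secondary", SECONDARY)):
        print(name, "key matches:", token_matches_group_key(token, key))
```

If the token validates locally against the enrollment group's primary or secondary key and DPS still returns 401002, the device-side signature is not the problem.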