The OneDrive for Business error code 0x8004de40 appears when you try to sign in and the authentication process fails. This error often returns even after standard troubleshooting steps like clearing credentials or reinstalling the app. The root cause is typically a corrupted token cache or a mismatch in the authentication broker on Windows. This article explains why the error persists and provides a permanent fix that addresses the underlying token and credential store issues.
Key Takeaways: Fixing the 0x8004de40 Sign-In Error Permanently
- Windows Credential Manager > Windows Credentials > OneDrive Cached Credentials: Removing stale tokens forces a fresh authentication handshake with Microsoft 365 servers.
- Run dialog > ms-settings:workplace: Disconnecting and reconnecting the work or school account clears the broken Azure AD token stored by the system.
- OneDrive Settings > Account > Unlink this PC: Unlinking resets the local sync relationship and removes corrupted device registration data.
Why the 0x8004de40 Error Persists After Standard Fixes
Error 0x8004de40 is a sign-in failure code that indicates the OneDrive client cannot complete authentication with the Microsoft 365 identity service. The error message usually reads “Something went wrong” or “We couldn’t sign you in.” Standard troubleshooting such as restarting the app, signing out and back in, or reinstalling OneDrive often fails because the corrupted token remains cached in the Windows Credential Manager and in the Azure AD broker.
The token cache stores your authentication tokens so you do not have to enter your password every time. When the token becomes stale, malformed, or out of sync with the server-side session, the authentication broker rejects it. OneDrive then retries the old token repeatedly, producing the same error each time. Simply unlinking OneDrive does not always clear the token cache in the credential store or the work account registration in Windows Settings. A complete reset requires three separate removal steps: credential manager entries, work account registration, and the OneDrive local cache.
Why Microsoft Support Cases See This Error Repeatedly
Microsoft support engineers often encounter this error on machines that have had multiple Office activations or device changes. The token cache accumulates entries from previous sign-ins, and the authentication broker tries each one until it finds a valid token. If all cached tokens are expired or invalid, the process fails with 0x8004de40. The error returns because the broken tokens remain in the system even after a standard repair.
Steps to Permanently Resolve the 0x8004de40 Sign-In Error
Follow these steps in the exact order listed. Do not skip any step. Each step clears a different layer of cached authentication data.
- Close OneDrive completely
Right-click the OneDrive cloud icon in the system tray and select Pause syncing > Quit OneDrive. Verify that the icon disappears from the system tray. If the icon remains, press Ctrl+Alt+Delete, open Task Manager, select Microsoft OneDrive under Processes, and click End task. - Delete OneDrive cached credentials from Credential Manager
Press Windows key + R, type control keymgr.dll, and press Enter. In the Credential Manager window, click Windows Credentials. Scroll to the Generic Credentials section. Look for any entry that contains “OneDrive”, “MicrosoftOffice16”, “Microsoft.AAD.BrokerPlugin”, or “MicrosoftAccount”. Click the arrow next to each entry and select Remove. Confirm the removal when prompted. Close the Credential Manager window. - Disconnect the work or school account from Windows
Press Windows key + R, type ms-settings:workplace, and press Enter. Under Access work or school, find the account that shows Connected to your organization. Click the account name, then click Disconnect. Confirm the action. Restart your computer when prompted. - Unlink OneDrive from your PC
Open OneDrive by searching for it in the Start menu. Click the OneDrive cloud icon in the system tray. Click the Settings gear icon, then select Settings. Go to the Account tab. Under Your account, click Unlink this PC. Click Unlink account to confirm. OneDrive will close automatically. - Clear the OneDrive local cache folder
Press Windows key + R, type %localappdata%\Microsoft\OneDrive\, and press Enter. Delete all files and folders inside this directory. Do not delete the OneDrive folder itself. If a file is in use, restart your computer and try again. - Reconnect your work or school account
Press Windows key + R, type ms-settings:workplace, and press Enter. Click Connect. Enter your work or school email address and password. Follow the prompts to complete the connection. Restart your computer. - Sign in to OneDrive again
Open OneDrive from the Start menu. Enter your work or school email address and click Sign in. Complete the authentication flow. OneDrive should now sync without the 0x8004de40 error.
If OneDrive Still Shows the 0x8004de40 Error After the Main Fix
OneDrive error 0x8004de40 reappears after a few days
This indicates that the token refresh cycle is still broken. The issue is often caused by a corrupted Azure AD broker plugin. To fix it, reset the Microsoft AAD BrokerPlugin by running the following command as an administrator in PowerShell: Get-AppxPackage Microsoft.AAD.BrokerPlugin | Reset-AppxPackage. After the command completes, restart your computer and repeat the sign-in steps above.
Error 0x8004de40 appears only on specific OneDrive accounts
If you have multiple OneDrive accounts linked to the same PC, the error may affect only one account. Remove the affected account from Settings > Accounts > Access work or school and from Credential Manager. Then sign in only to the affected account first before adding other accounts.
Error 0x8004de40 occurs after a password change
When you change your Microsoft 365 password, the cached token becomes invalid immediately. Follow the full set of steps above. The credential removal step is essential because the old password hash remains in the credential store.
OneDrive Sync vs Credential Cache: Key Differences
| Item | OneDrive Sync Client | Windows Credential Cache |
|---|---|---|
| Description | Manages file synchronization between your PC and OneDrive cloud storage | Stores authentication tokens and passwords for apps and services |
| Role in error 0x8004de40 | Initiates the sign-in request and displays the error | Provides the stale or corrupted token that causes authentication failure |
| Persistence after unlink | Clears local sync settings but does not remove tokens | Tokens remain until manually deleted from Credential Manager |
| Recommended fix | Unlink this PC and clear local cache | Remove all OneDrive and Microsoft entries from Windows Credentials |
Now you can permanently resolve the 0x8004de40 sign-in error by clearing all three layers of cached authentication data: the Credential Manager tokens, the Windows work account registration, and the OneDrive local cache. Next time you change your password or move to a new device, run the steps in the same order to prevent the error from returning. For advanced troubleshooting, use the PowerShell Reset-AppxPackage command on the AAD BrokerPlugin to rebuild the token broker from scratch.