AADSTS9000411: The request is not propetly formatted. The parameter 'prompt' is duplicated.

tanusha25 6 Reputation points
2022-08-05T08:03:40.31+00:00

I am using adal.js for implementing the login to my app. For some reason, I cannot use admin_consent, so I am using prompt=consent in extraQueryParameter.

I am getting the prompt as well but after accepting the same it is giving an error

AADSTS9000411: The request is not properly formatted. The parameter 'prompt' is duplicated.

When checked the query contains 2 prompts

prompt=consent and
prompt=none

Also, i don't want to display the consent again if user has accepted once?

Can someone please help why I am getting prompt=none when I am using "consent"?

Any help would be appreciated. Screenshots attached for reference.

228380-prompt-1.png

228453-prompt.png

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. tanusha25 6 Reputation points
    2022-08-24T13:42:31.877+00:00

    Hi @Shweta Mathur ,

    Thanks for your reply!

    Yes the URL mentioned by you is correct but response_type=id_token is what i am using.
    It displays the admin consent screens successfully to me as well & when i checked AZ portal, it does provides the consent also.

    but I am getting this error after accepting from the consent screen.

    The error is coming when I am using "prompt".
    So I used "consentType=Pricncipal" in extraQueryParameter config in place of "prompt" to give user_consent instead of admin_consent.

    1 person found this answer helpful.

  2. Shweta Mathur 30,296 Reputation points Microsoft Employee Moderator
    2022-08-09T07:38:30.86+00:00

    Hi @tanusha25 ,

    Thanks for reaching out.

    I understand you are trying to provide admin consent using prompt=consent and getting the error.

    If you are still facing the issue? Could you please confirm are you using below URL for admin consent?

    https://login.microsoftonline.com/<tenantID>/oauth2/authorize?response_type=token&client_id=<clientID>&resource=https://graph.microsoft.com&scope=openid&prompt=consent

    I tried the above URL and able to consent the application successfully.
    Did you try to consent from incognito window or from another browser and facing similar issue there as well?

    Thanks,
    Shweta


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.