Thank you for your post!
I understand that you're running into the below error message and to hopefully help point you in the right direction or resolve your issue, I'll share my findings with below.
Error Message:
AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Findings:
Based off your error code - AADSTS7000218, I found some Stack Overflow threads and internal issues relating to your error message, and this could be due to the wrong App Registration default client type being used.
Client Credentials flow, Authorization Code flow, and On-Behalf-Of flow are used by Confidential client to request a token. Azure AD will return the above error if the request is missing a client secret or a client assertion.
In order to resolve this, you'll need to:
- Navigate to your Azure AD App Registration
- Select Authentication
- Change Allow public client flows to "Yes"
For more info - AADSTS7000218
Additional Links:
- RECEIVING ERROR AADSTS7000218
- AADSTS error codes
- Public client and confidential client applications
- Desktop application authentication documentation
- Desktop app that calls web APIs: Acquire a token
I hope this helps!
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.