Hello, I have same error; I'm trying to authenticate using MS Extra ID (Login form), of course it does not need Client Secret; So, I got same error despite of setting was set on Yes according of screen above. Thank you in advanced
How to fix the issue, i'm getting this error- A configuration issue is preventing authentication - Original exception: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Hi Everyone,
I got a production issue.
The details of the issue are :-
One or more errors occurred. (A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Trace ID: a69f37b4-9c44-4c2d-86de-7a51d6984c00
Correlation ID: 9b9c9c29-1255-4e0d-bec6-932938f21eeb
Timestamp: 2023-09-28 04:59:44Z)'
Please help on this on urgent basis.
2 answers
Sort by: Most helpful
-
-
JamesTran-MSFT 36,481 Reputation points Microsoft Employee
2023-09-28T21:31:09.7366667+00:00 Thank you for your post!
I understand that you're running into the below error message and to hopefully help point you in the right direction or resolve your issue, I'll share my findings with below.
Error Message:
AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Findings:
Based off your error code - AADSTS7000218, I found some Stack Overflow threads and internal issues relating to your error message, and this could be due to the wrong App Registration default client type being used.
Client Credentials flow, Authorization Code flow, and On-Behalf-Of flow are used by Confidential client to request a token. Azure AD will return the above error if the request is missing a client secret or a client assertion.
In order to resolve this, you'll need to:
- Navigate to your Azure AD App Registration
- Select Authentication
- Change Allow public client flows to "Yes"
For more info - AADSTS7000218
Additional Links:
- RECEIVING ERROR AADSTS7000218
- AADSTS error codes
- Public client and confidential client applications
- Desktop application authentication documentation
- Desktop app that calls web APIs: Acquire a token
I hope this helps!
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.