Hi @Nofar
Try enabling public client flow for your app:
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello,
I want to connect to the Outlook Calendar API to read, create, update, and delete events. For this, I need to ask the user for consent.
The first thing I'm doing is to generate the login URL like this:
const msalConfig = {
auth: {
clientId: process.env.OUTLOOK_CLIENT_ID,
authority: `https://login.microsoftonline.com/${process.env.OUTLOOK_TENANT_ID}`,
redirectUri: process.env.REDIRECT_URL_DEVELOPMENT,
},
};
const pca = new PublicClientApplication(msalConfig);
const ccaConfig = {
auth: {
clientId: process.env.OUTLOOK_CLIENT_ID,
authority: `https://login.microsoftonline.com/${process.env.OUTLOOK_TENANT_ID}`,
clientSecret: process.env.OUTLOOK_CLIENT_SECRET_VALUE,
},
};
const cca = new ConfidentialClientApplication(ccaConfig);
const scopes = process.env.OUTLOOK_SCOPES || 'https://graph.microsoft.com/.default';
const authCodeUrlParameters = {
scopes: scopes.split(','),
redirectUri: process.env.REDIRECT_URL_DEVELOPMENT,
};
const url = await pca.getAuthCodeUrl(authCodeUrlParameters);
return url;
Then, I redirect the user to the URL link that I generated. After the user grants consent, I get a code to use to get the Access Token.
So this is the code I'm using to get the Access Token:
const scopes = process.env.OUTLOOK_SCOPES || 'https://graph.microsoft.com/.default';
const tokenRequest = {
code: req.body.code,
scopes: scopes.split(','),
redirectUri: process.env.REDIRECT_URL_DEVELOPMENT,
};
let result;
try {
result = await pca.acquireTokenByCode(tokenRequest);
//accessToken
console.log(result.accessToken);
} catch (e) {
console.log(e.message);
}
So here I'm getting an error of: "invalid_client: The request body must contain the following parameter: 'client_assertion' or 'client_secret'."
Then, I tried to add the 'client_secret' to the tokenRequest, but I still got the same error.
Why am I getting this error and how can I fix it?
Hope someone can help!
Hi @Nofar
Try enabling public client flow for your app:
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.