Hi Kebede, Hallelujah (Reigate),
Thank you for reaching out to Microsoft Q & A forum.
I understand that you're encountering the error message below. To hopefully assist you in finding the right direction or resolving your issue, I'll share my findings with you.
Error Message:
AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
**
Findings:**
Based off your error code - AADSTS7000218, I found some Stack Overflow threads and internal issues relating to your error message, and this could be due to the wrong App Registration default client type being used.
Confidential clients utilize the Client Credentials flow, Authorization Code flow, and On-Behalf-Of flow to request a token. Azure AD will return the mentioned error if the request lacks a client secret or client assertion.
To resolve this, follow these steps:
- Navigate to your Azure AD App Registration.
- Select Authentication.
- Modify "Allow public client flows" to "Yes".
I hope this helps!
Please feel free to contact us if you have any additional questions.
If you've found the provided answer helpful, please click the "Accept Answer/Upvote" button. This will be beneficial to other members of the Microsoft Q&A forum community.
Thank you.