I got a production issue.

The details of the issue are:

One or more errors occurred. (A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details.  Original exception: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Trace ID: a69f37b4-9c44-4c2d-86de-7a51d6984c00
Correlation ID: 9b9c9c29-1255-4e0d-bec6-932938f21eeb
Timestamp: 2023-09-28 04:59:44Z)'

Please help with this on an urgent basis.

Hello, I have the same error. I'm trying to authenticate using MS Entra ID (login form); of course it does not need a client secret. So, I got the same error despite the setting being set to Yes according to the screen above. Thank you in advance.

I have an app that just started doing the same thing using PublicClientApplicationBuilder (it doesn't have the SecretValue option that ConfidentialClientApplicationBuilder has) and, of course, 'Allow Public Client Flows' is set to Yes. Something has changed at the MS end!

It is definitely changing rules and API interfaces quickly from time to time. I use the API for C#, and some classes and methods no longer exist after updating the MS.Graph DLLs from version 4.0 to 5.0, but anyway there should be replacement info somewhere. E.g. the class DelegateAuthenticationProvider, which was used to log in with Entra ID, does not exist in the new version of the DLLs.

@Arakula, Pavani

Thank you for your post!

I understand that you're running into the below error message, and to hopefully help point you in the right direction or resolve your issue, I'll share my findings below.

Error Message:

AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.

Findings:

Based off your error code - AADSTS7000218, I found some Stack Overflow threads and internal issues relating to your error message, and this could be due to the wrong App Registration default client type being used.

Client Credentials flow, Authorization Code flow, and On-Behalf-Of flow are used by confidential clients to request a token. Azure AD will return the above error if the request is missing a client secret or a client assertion.

In order to resolve this, you'll need to:

  • Navigate to your Azure AD App Registration
  • Select Authentication
  • Change Allow public client flows to "Yes"
  • For more info - AADSTS7000218

Additional Links:

  • RECEIVING ERROR AADSTS7000218
  • AADSTS error codes
  • Public client and confidential client applications
  • Desktop application authentication documentation
  • Desktop app that calls web APIs: Acquire a token

I hope this helps!

If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.

If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
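
An added example, not code from this thread or from Microsoft: the two MSAL.NET builders mentioned above, side by side, with a handler that surfaces AADSTS7000218 and its correlation ID. The client ID, tenant ID, scopes, redirect URI and the `APP_CLIENT_SECRET` variable name are assumptions to replace with your own registration values.

```csharp
// Added example; requires the Microsoft.Identity.Client NuGet package.
using System;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

static class Aadsts7000218Demo
{
    // Placeholders (assumptions): use the values from your own app registration.
    const string ClientId = "<application-client-id>";
    const string TenantId = "<tenant-id>";

    // Interactive user sign-in from a desktop app: public client, no secret is sent.
    static Task<AuthenticationResult> SignInUserAsync() =>
        PublicClientApplicationBuilder.Create(ClientId)
            .WithAuthority(AzureCloudInstance.AzurePublic, TenantId)
            // Register this URI under "Mobile and desktop applications", not "Web".
            .WithRedirectUri("http://localhost")
            .Build()
            .AcquireTokenInteractive(new[] { "User.Read" })
            .ExecuteAsync();

    // Service-to-service call: confidential client, the secret goes in the request body.
    static Task<AuthenticationResult> GetAppTokenAsync(string secret) =>
        ConfidentialClientApplicationBuilder.Create(ClientId)
            .WithAuthority(AzureCloudInstance.AzurePublic, TenantId)
            .WithClientSecret(secret)
            .Build()
            .AcquireTokenForClient(new[] { "https://graph.microsoft.com/.default" })
            .ExecuteAsync();

    static async Task Main()
    {
        try
        {
            // APP_CLIENT_SECRET is a hypothetical variable name; keep secrets out of source.
            string? secret = Environment.GetEnvironmentVariable("APP_CLIENT_SECRET");
            AuthenticationResult result = string.IsNullOrEmpty(secret)
                ? await SignInUserAsync()
                : await GetAppTokenAsync(secret);
            Console.WriteLine($"Token acquired, expires {result.ExpiresOn:u}");
        }
        catch (MsalServiceException ex) when (ex.Message.Contains("AADSTS7000218"))
        {
            // The token request carried no client_secret or client_assertion.
            Console.Error.WriteLine($"{ex.ErrorCode}: missing client credential, correlation ID {ex.CorrelationId}");
            Console.Error.WriteLine("Check the redirect URI platform and 'Allow public client flows'.");
        }
    }
}
```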