Issue with AADSTS7000218 - 'client_assertion' or 'client_secret'.

Azure-Samples / ms-identity-javascript-v2

VanillaJS sample using MSAL.js v2.x and OAuth 2.0 Authorization Code Flow with PKCE on Microsoft identity platform

MIT License

105 stars 84 forks source link

Issue with AADSTS7000218 - 'client_assertion' or 'client_secret'. #18

Closed Tzvetelin88 closed 4 years ago

Tzvetelin88 commented 4 years ago

Hello,

I get this error:

ServerError: invalid_client: 7000218 - [2020-09-25 07:40:47Z]: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.

after removing "Mail.Read" from scope, because I don't need it:

scopes: ["Mail.Read", "openid", "profile", "User.Read"],

what could be the issue here?

Tzvetelin88 commented 4 years ago

Actually I found the issue. It was a configuration under Azure AD Application Registration where I have selected WEB and now SPA and there was checkbox under Implicit for ID token.