Trying to get access token by AcquireTokenAsync but getting failed with exception body parameters must contain 'client_secret or client_assertion'

Question

I am trying get access token without auth code, so using below method to get it. but i am facing issue as "the request body must contain the following parameter 'client_secret or client_assertion'"

Can you suggest necessary pointers on this. Running this in console application.

try
{
    // Use the 'Microsoft.Experimental.IdentityModel.Clients.ActiveDirectory' Nuget package for auth.
    AuthenticationContext authContext = new AuthenticationContext(authority);
    AuthenticationResult authResult = authContext.AcquireTokenAsync(resourceId, clientId, new UserCredential(crmAdminUserName, crmAdminPassword)).Result;
}
catch (Exception e)
{
    Console.WriteLine(e.Message);
}

Could this answer your question: http://stackoverflow.com/a/41159005/1658906? — juunas, Feb 10 '17 at 07:39
The problem is that that version of ADAL does not support the Password Grant Flow properly. It has to send the client secret in the call as well. That's the reason you get the error message. But I already gave a solution to this in the answer I linked, so I won't write it here again. — juunas, Feb 10 '17 at 07:40
@juunas : Thanks for the help !!. It is working now but one issue is there while making a postasync call the dialogue box is prompting that i dont want in the background. I will execute this piece of code in the backend services. not expecting this prompting box. Any workaround on this. — Amit Patange, Feb 10 '17 at 08:46
@AmitPatange just wanted to mention you're using ADAL experimental which is not a recommended or supported library. If you're using a non-converged app (registered in the Azure Portal), stick to ADAL. Otherwise, checkout the MSAL public preview library. — Daniel Dobalian, Feb 11 '17 at 00:36
Does this answer your question? [How do I resolve the error AADSTS70002: The request body must contain the following parameter: 'client\_secret' or 'client\_assertion'](https://stackoverflow.com/questions/45609432/how-do-i-resolve-the-error-aadsts70002-the-request-body-must-contain-the-follow) — TylerH, Mar 10 '22 at 17:50

score 0 · Answer 1 · answered Feb 10 '17 at 09:14

There are two kinds of clients on Azure AD, one is public and the other is confidential which requires provide secret when we acquire the token.

To fix this issue, you can register a public client(native client application) in this scenario.

Here is a helpful document about integrating applications with Azure active directory.

Julius Depulla · Accepted Answer · 2018-02-14T15:29:54.807

0

Assuming the app is registered in the portal, and you know the client id, client secret key/app key, authority and audience

Then this code snippet will get you the access token

AuthenticationContext authContext = new AuthenticationContext(authority); ClientCredential clientCredential = new ClientCredential(clientId, clientkey); AuthenticationResult authenticationResult = await authContext.AcquireTokenAsync(ResourceUrl, clientCredential);

Resource Id/Resource Url e.g. https://manage.windowsazure.com/{placeholder-for-your-azure-ad-tenant-name}.onmicrosoft.com

AcquireTokenAsync documentation is available from here

AuthenticationContext class documentation is available from here

edited Feb 14 '18 at 15:29

answered May 28 '17 at 21:29

Julius Depulla

1,493
1
12
27

audience being? – DannyThunder Feb 14 '18 at 12:36
@DannyThunder I have edited the code snippet, it is the resource url to you Azure AD Tenant. Please see edited text – Julius Depulla Feb 14 '18 at 15:26

Trying to get access token by AcquireTokenAsync but getting failed with exception body parameters must contain 'client_secret or client_assertion'

2 Answers2