Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[Bug] Cannot get Access token from AcquireTokenInteractive

See original GitHub issue

Which Version of MSAL are you using ? Microsoft.Identity.Client: 4.18.0

Platform .Net 4.7.2

What authentication flow has the issue?

Desktop / Mobile
- Interactive
- Integrated Windows Auth
- Username Password
- Device code flow (browserless)
Web App
- Authorization code
- OBO
Web API
- OBO

Other? - please describe;

Is this a new or existing app? This is a testing app before applying to my existing app

var pcaOptions = new PublicClientApplicationOptions
            {
                ClientId = "my client id",
                TenantId = "my tenant id",
                RedirectUri = "http://localhost:49468/",
            };

            string[] scopes = new string[] { "SMTP.Send" };

            var app = PublicClientApplicationBuilder.CreateWithApplicationOptions(pcaOptions)
                .WithLogging(Log, LogLevel.Verbose, true)
                .Build();

            var accounts = await app.GetAccountsAsync();
            AuthenticationResult result;

            try
            {
                result = await app.AcquireTokenSilent(scopes, accounts.FirstOrDefault())
                            .ExecuteAsync();
            }
            catch (MsalUiRequiredException)
            {
                try
                {
                    result = await app.AcquireTokenInteractive(scopes)
                            .ExecuteAsync();
                }
                catch (Exception ex)
                {
                }

            }

Expected behavior Getting the result with access token

Actual behavior Exception: A configuration issue is preventing authentication - check the error message from the server for details.You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret’.

Possible Solution I did some research, people said that I need to set the application as a public client. But no luck

Issue Analytics

State:
Created 3 years ago
Comments:11 (2 by maintainers)

Top GitHub Comments

1reaction

ntvuong1709itcommented, Sep 14, 2020

@ntvuong1709it Can you provide your manifest from the portal and a link to your code? you can send via email if you prefer : jeferrie@microsoft.com

Sorry for the late response, I have sent you the email with the manifest file. Please have a look. Regarding to my code, I provided above and pretty much it. It’s a console app to test acquiring access token interactively

0reactions

jmprieurcommented, Sep 16, 2020

Thanks for the update, @ntvuong1709it Closing this issue.

Top Results From Across the Web

Access is denied when trying to AcquireTokenInteractive ...

I am calling Graph API from my Bot service and everything works fine when I am working on localhost, but after deployment to...

Handle errors and exceptions in MSAL.NET

Most of the time when AcquireTokenSilent fails, it is because the token cache doesn't have tokens matching your request. Access tokens expire in ......

How to combine Graph & SharePoint permission consent ...

The problem here for my use case is that AcquireTokenSilent and AcquireTokenInteractive can only be used to get an access token from a ......

AcquireTokenInteractive

ExecuteAsync(); The MSAL. AcquireTokenInteractive. NoPrompt) . 3 to version 3. AccessToken; } public static async Task GetGraphServiceClient() { var 07 Jun ...

Connecting to Exchange Online PowerShell by passing an ...

1. Support for providing an Access Token with Connect-ExchangeOnline. 2. Bug fixes in Connect-ExchangeOnline and Get-ConnectionInformation.