All geek questions in one place

Ex = {"AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'

This is how I wrote the code and trying to get the result.

The request body must contain the following parameter: client_secretorclient_assertion

 static async Task<AuthenticationResult> getAccessToken()
 {
     string hardcodedUsername = "";
     string hardcodedPassword = "";
     string tenantName = "projectwidgets.com";
     string authString = "https://login.microsoftonline.com/" + tenantName;
     AuthenticationContext authenticationContext = new AuthenticationContext(authString, false);
     //Config for OAuth client credentials
     string clientId = "as";
     string key = "kk";
     string authority = String.Format(CultureInfo.InvariantCulture, aadInstance, tenantName);
     var authContext = new AuthenticationContext(authority);
     AuthenticationResult result = null;
     try
     {
         result = await authContext.AcquireTokenAsync("https://pwsnapitazure.azurewebsites.net", clientId, new UserPasswordCredential(hardcodedUsername, hardcodedPassword));
     }
     catch (Exception ex)
     {
          Console.WriteLine(ex.StackTrace);
          System.Diagnostics.Debug.WriteLine(ex.Message);
     }                        
     return result;
 }
+8
source share
2 answers

According to your code, it seems that you are using a web application / API that uses a username and password for authentication.

we can only use the resource owner’s stream from our own client. A confidential client, such as a website, cannot use the user's direct credentials.

( ), (- /API). , , , ADAL.NET /. Constraints & Limitations.

- , OAuth2, , . - . , - .

+7

Azure . ,

-

enter image description here

,

"allowPublicClient": true

, -

+3

Source: https://habr.com/ru/post/1683404/

More articles:


All Articles