angular - AADSTS70002 : The request body must contain the following parameter: 'client_secret or client_assertion'

Question

我使用这个库https://github.com/AzureAD/azure-activedirectory-library-for-cordova ，这就是我编写代码的方式:

document.addEventListener("deviceready", () => {
let authContext = new Microsoft.ADAL.AuthenticationContext("https://login.windows.net/(tenant_id)");
console.log("@login : TokenAsync");
var uri = "&client_secret=(value)";
authContext.acquireTokenAsync((resourceurl), (client_id), (redirecturi), this.vEmail, encodeURI(uri))
.then((res) => {
console.log(res);
console.log("Token acquired: " + res.accessToken);
console.log("Ex acquired: " + res.expiresOn);
}, reject => {
console.log(reject);
}); }, false);

我尝试使用 extraQueryParameters 添加 client_secret，但错误仍然相同:

AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.

如何添加 client_secret ？或者有其他解决方案吗？

Answer 1

AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.

根据您提到的异常，我假设您注册了 Web 应用程序/API 应用程序。正如 junas 提到的，请尝试使用 AAD native 应用程序，然后它应该可以工作。更多详情可以引用这个document -Constraints & Limitations section .

No web sites/confidential clients

This is not an ADAL limitation, but an AAD setting. You can only use those flows from a native client. A confidential client, such as a web site, cannot use direct user credentials.