Azure AD users Authentication in java using ADAL 4j gives “The request body must contain the following parameter: 'client_secret or client_assertion”

2
votes

I am trying to write Azure AD users Authentication code from here. I am submitting valid client id, username, password, tenant id, resource id.

It gives me the following error:

java.util.concurrent.ExecutionException: com.microsoft.aad.adal4j.AuthenticationException: {"error":"invalid_request","error_description":"AADSTS90014: The request body must contain the following parameter: 'client_secret or client_assertion'.\r\nTrace ID: 7f98c473-96f9-48bd-b1ee-73dad520c226\r\nCorrelation ID: 35a8f4d9-bdb1-4dbe-ac58-5c41473ee3d1\r\nTimestamp: 2015-10-01 09:03:02Z"}

The full stack trace is:

Enter username: xxxxxxx Enter password: xxxxxxx SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". SLF4J: Defaulting to no-operation (NOP) logger implementation SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details. java.util.concurrent.ExecutionException: com.microsoft.aad.adal4j.AuthenticationException: {"error":"invalid_request","error_description":"AADSTS90014: The request body must contain the following parameter: 'client_secret or client_assertion'.\r\nTrace ID: 7f98c473-96f9-48bd-b1ee-73dad520c226\r\nCorrelation ID: 35a8f4d9-bdb1-4dbe-ac58-5c41473ee3d1\r\nTimestamp: 2015-10-01 09:03:02Z"} at java.util.concurrent.FutureTask.report(FutureTask.java:122) at java.util.concurrent.FutureTask.get(FutureTask.java:188) at PublicClient.getAccessTokenFromUserCredentials(PublicClient.java:47) at PublicClient.main(PublicClient.java:27) Caused by: com.microsoft.aad.adal4j.AuthenticationException: {"error":"invalid_request","error_description":"AADSTS90014: The request body must contain the following parameter: 'client_secret or client_assertion'.\r\nTrace ID: 7f98c473-96f9-48bd-b1ee-73dad520c226\r\nCorrelation ID: 35a8f4d9-bdb1-4dbe-ac58-5c41473ee3d1\r\nTimestamp: 2015-10-01 09:03:02Z"} at com.microsoft.aad.adal4j.AdalTokenRequest.executeOAuthRequestAndProcessResponse(AdalTokenRequest.java:97) at com.microsoft.aad.adal4j.AuthenticationContext.acquireTokenCommon(AuthenticationContext.java:770) at com.microsoft.aad.adal4j.AuthenticationContext.access$1(AuthenticationContext.java:757) at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:130) at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:1) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745)

How to solve the Exception ?

1
javaauthenticationazure
hi sir, how did you configure the Azure AD settings, especially the Client ID ,key, and Tenant ID?Will Shao - MSFT
@user3428513, Could you please confirm whether you are leveraging the sample code for authentication at below link: github.com/AzureAD/azure-activedirectory-library-for-java/blob/… or provide your own code snippet if you did not use that. Per my understanding, it would be lot easier if you can open a service request for troubleshooting this issue due to the intent of why encountering the error message is a bit unclear from verbatim at this thread's post.Ming Xu - MSFT

1 Answers

0
votes

There are two flows supported by AzureAD. One that requires a client_secret or client_assertion AND one that doesn't. These are sometimes referred to as Public OR Confidential. If when you add an application to Azure, you choose 'Web App' AzureAD expects a Confidential client, where 'proof' must be shown to obtain a token. Public on the other hand, does not require proof.