AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret

Microsoft 365

The AADSTS7000218 error came up while trying to get an Azure token using the device code flow. The Azure app registration had secret set & had redirect URI set to a web url.

The full error is shown below.

Error type : invalid_client.

Error description: AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret

The fix was to enable the ‘allow public client flows’ in the Azure app registration. Follow the steps below to enable public client flow for the app.

Navigate to the app registration within Azure. Select ‘Authentication’ from the left hand menu.

Scroll all the way down & you will have a section titled ‘Allow Public Client Flows’. Set the toggle to ‘Yes’ and click on the ‘Save’ button. Wait for a few minutes before trying the device code flow again.

Please let me know if you have any questions in the comments section.

Other Popular Articles


Microsoft 365

Tighten MFA Using Microsoft Authenticator Security Features Right Now!

Microsoft 365

Get Azure AD Users Based On Organizational Unit

Leave a Comment