AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret

ByRajith Enchiparambil

This article explains the fix for AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret error.

The AADSTS7000218 error came up while trying to get an Azure token using the device code flow. The Azure app registration had secret set & had redirect URI set to a web url.

The full error is shown below.

Error type : invalid_client.

Error description: AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret

The fix was to enable the ‘allow public client flows’ in the Azure app registration. Follow the steps below to enable public client flow for the app.

Navigate to the app registration within Azure. Select ‘Authentication’ from the left hand menu.

Scroll all the way down & you will have a section titled ‘Allow Public Client Flows’. Set the toggle to ‘Yes’ and click on the ‘Save’ button. Wait for a few minutes before trying the device code flow again.

Rajith Enchiparambil

Cloud Architect & Blogger with interests in Microsoft 365, Azure, AWS & PowerShell. I am active on Experts Exchange & TechNet forums and I am a technical author for SearchExchange. Follow me on Twitter, LinkedIn, or Facebook for the latest updates. For consultancy opportunities, drop me a line.

Leave a Reply

Your email address will not be published. Required fields are marked *