0

I'm adpting a basic script, that i did to send standardized emails to a list of emails, to use msal.

I used the msal python lib (v 1.21.0) like so:

import msal

redirect_url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/authorize/"

tokens_dir = r"<PATH>"
token_filename = r"<TOKEN_FILENAME>"
scopes = ["Mail.Send","Mail.ReadWrite","User.Read"]

authority = f"https://login.microsoftonline.com/{tenant_id}/"
app = msal.ConfidentialClientApplication(client_id=client_id, client_credential=client_secret, authority=authority)

url = app.get_authorization_request_url(scopes=scopes, redirect_uri=redirect_url)

code = input("Token auth code:" )
app.acquire_token_by_authorization_code(code, scopes=scopes, redirect_uri=redirect_url)

For testing pourposes it's written on a ipython notebook. So I access the url given by the "get_authorization_request_url" method that was supposed to give me the authorization code.

But I'm getting this error AADSTS900144: The request body must contain the following parameter: 'client_id'. I found this post talking about this, but I don't know how to include the parameter on the body instead of the query.

SPT
  • 139
  • 1
  • 6
user118799
  • 21
  • 7

1 Answers1

0

I tried to reproduce the same in my environment and got below results:

I registered one Azure AD application and added API permissions as below:

enter image description here

In my case, I set redirect_url as https://jwt.ms for my application as below:

enter image description here

Now I ran same code in my Python notebook by modifying redirect_url and printing url to get code like below:

import msal

tenant_id = "3f5c7a77-062d-426c-8582-xxxxxxxxxxx"
client_id = "a26d7e57-0a26-4a0c-a756-xxxxxxxxxxx"
client_secret = "xxxxxxxxxxxxxxxxxxxxxx"
redirect_url = f"https://jwt.ms"

tokens_dir = r"<PATH>"
token_filename = r"<TOKEN_FILENAME>"
scopes = ["Mail.Send","Mail.ReadWrite","User.Read"]

authority = f"https://login.microsoftonline.com/{tenant_id}/"
app = msal.ConfidentialClientApplication(client_id=client_id, client_credential=client_secret, authority=authority)

url = app.get_authorization_request_url(scopes=scopes, redirect_uri=redirect_url)

print(url)

code = input("Token auth code:" )
app.acquire_token_by_authorization_code(code, scopes=scopes, redirect_uri=redirect_url)

Response:

enter image description here

When I clicked on the URL from response, it opened new tab to pick account like below:

enter image description here

After signing in, I got the consent screen with permissions like this:

enter image description here

After accepting the above consent, it took me to redirect_url with code in address bar like below:

enter image description here

When I entered this code in Token auth code: I got tokens successfully in response like this:

enter image description here

Sridevi
  • 10,599
  • 1
  • 4
  • 17
  • Is ur application multi or single tenant? – user118799 Mar 22 '23 at 13:35
  • It's single tenant – Sridevi Mar 22 '23 at 13:37
  • As I saved my session and consent, I don't get those pages anymore. Instead the url takes me directly to the Error page with the cited error. [This post](https://stackoverflow.com/questions/68838592/azure-aadsts900144-the-request-body-must-contain-the-following-parameter-clie) has a "solution" to this, but I don't know how to implement it – user118799 Mar 22 '23 at 13:53
  • You have given authorize URL in `redirect_url`. Can you change it and try again? – Sridevi Mar 22 '23 at 13:55
  • I changed both in the script and the registered uri. I got an 404 error page. – user118799 Mar 22 '23 at 14:14
  • I got the [same error](https://i.imgur.com/gmwodzV.png) when I gave authorize url in `redirect_url` like [this](https://i.imgur.com/tj1piuo.png). Can you include your error screenshot by editing your question? – Sridevi Mar 22 '23 at 14:32
  • 1
    Actually never mind, the change you suggested worked. As I was redacting the url from the 404 error page, I noticed that the code was given, so I used that url to fetch a token and it worked! Thanks – user118799 Mar 22 '23 at 14:36