[Bug] CCA CreateWithApplicationOptions forces use of ClientSecret, won't allow just Certificate usage #1332
Labels
regression
Behavior that worked in a previous release that no longer works in a newer release
Milestone
Which Version of MSAL are you using ? 4.3.0
Platform
net46
What authentication flow has the issue?
Web App
* [ ] Authorization code
**Is this a new or existing app? Existing single tenant app. We were using ADAL so far, and working on migrating to MSAL.
Repro
We use OIDC and we do not have clientsecrets, instead we use certificates. So do not pass ClientSecret in the request.
Receives the ID Token first.
Then try to get Access Token using the IDToken. However getting the below error.
{"Value cannot be null.\r\nParameter name: clientSecret"}
at Microsoft.Identity.Client.ConfidentialClientApplicationBuilder.WithClientSecret(String clientSecret)
at AadOnboarding.Core.MsalOpenIdAuthenticationOptionFactory.<>c__DisplayClass28_0.b__4(AuthorizationCodeReceivedNotification context) in E:\GIT\AD\AppModel\src\AadOnboarding\AadOnboarding\Core\MsalOpenIdAuthenticationOptionFactory.cs:line 268
at Microsoft.Owin.Security.OpenIdConnect.OpenIdConnectAuthenticationHandler.d__1a.MoveNext()
The text was updated successfully, but these errors were encountered: