I have a problem to log in with the following scenario:
- custom AAD application with the described permissions (also admin granted already)
- I used PowerShell for setting environment variable and logging in
- I am not behind a proxy
- set the environment variable $env:OFFICE365CLI_AADAPPID and $env:OFFICE365CLI_TENANT
- CLI version 1.15.0
Expected Behaviour
using a custom properly configured AAD application in conjunction with the authType "password" and proper user credentials should let me login.
Actual Behaviour
when I log in I always get an error. I even tried to change the tenant ID or the app id to something, that does not exist and gives me proper error message like
Error: AADSTS90002: Tenant '#WrongTenantId#' not found. This may happen if there are no active subscriptions for the tenant. Check with your subscription administrator.
or if I use the wrong client ID
Error: AADSTS700016: Application with identifier '#MyWrongClientID#' was not found in the directory '#MyCorrectTenantID#'. This can happen if the application has not be
en installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.
Problem Description
the following code I used:
$env:OFFICE365CLI_TENANT="#MyTenantId#"
$env:OFFICE365CLI_AADAPPID="#MyClientId#"
$env:OFFICE365CLI_VERBOSE="1"
o365 spo login https://contoso.sharepoint.com --authType password --userName myuser@contoso.com --password contosopassword
I get the following logs:
DONE
Logging in to SharePoint Online at https://contoso.sharepoint.com...
Error: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
Trace ID: 84ef2fb4-07a7-473c-a5f2-346d7595b400
Correlation ID: af49f0c2-5a96-42ad-bb20-e3f2205ca6d1
Timestamp: 2019-03-28 08:31:03Z
I get the same result when I try to use the device login with my application (e.g. office365 spo login https://devglobal.sharepoint.com):
DONE
Logging in to SharePoint Online at https://devglobal.sharepoint.com...
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code #SomeCodeHere# to authenticate.
Error: undefined
Of course I changed all data related to my environment. I only kept the trace and correlation ID.
I don't find any documentation how to login with a custom AAD application and user credentials, but I asked @waldekmastykarz on twitter and he said it should be possible. So I just guessed it should work like described above.
I have a problem to log in with the following scenario:
Expected Behaviour
using a custom properly configured AAD application in conjunction with the authType "password" and proper user credentials should let me login.
Actual Behaviour
when I log in I always get an error. I even tried to change the tenant ID or the app id to something, that does not exist and gives me proper error message like
Error: AADSTS90002: Tenant '#WrongTenantId#' not found. This may happen if there are no active subscriptions for the tenant. Check with your subscription administrator.or if I use the wrong client ID
Problem Description
the following code I used:
I get the following logs:
I get the same result when I try to use the device login with my application (e.g. office365 spo login https://devglobal.sharepoint.com):
Of course I changed all data related to my environment. I only kept the trace and correlation ID.
I don't find any documentation how to login with a custom AAD application and user credentials, but I asked @waldekmastykarz on twitter and he said it should be possible. So I just guessed it should work like described above.