Request for client_secret
Brought to you by:
mguessan
Menu
▾
▴
#408 Request for client_secret
When operating in O365Manual mode, and logging in using a browser using the auth request URL provided by Davmail, the browser logs in OK, and the browser log records redirects of the proper form of:
"redirectURL": "https://outlook.office.com/owa/?code=[...]&session_state=[...]&correlation_id=[...]"
But when this URL if provided to Davmail, an error is generated:
The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
The session in the browser is logged-in properly, and I am not sure client_secret is required in this mode, even though the client_id is the OWA one.
This means you didn't use a valid client id for a desktop application: either DavMail default value or another desktop application authorized by O365 admins.
If you try to use a web application client id a client secret will be required.