Subject: Azure SSO missing client_id
Date: 2022-12-05 18:38:09
From: Chris
Source: azure-sso-missing-client-id

I'm trying to connect to Azure for SSO. This is an externally hosted application, so we setup the Application Registration and are hitting the endpoints correctly.

I get this error: AADSTS900144: The request body must contain the following parameter: 'client_id'.

How can I add the client_id to the request. 

Code is condensed below:


     protected void initiateLogin() {
        //Enable SHA-256 XML signature support.
        // CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), "");
        // Set the server certificate validation callback.
        ServicePointManager.ServerCertificateValidationCallback = ValidateRemoteServerCertificate;

        // Create the authentication request.
        AuthnRequest a = BuildAuthenticationRequest();

        // Create and cache the relay state so we remember which SP resource the user wishes to access after SSO.
        string spResourceUrl = Util.GetAbsoluteUrl(this, FormsAuthentication.GetRedirectUrl("", false));
        string relayState = Guid.NewGuid().ToString();
        SamlSettings.CacheProvider.Insert(relayState, spResourceUrl, new TimeSpan(1, 0, 0));

        // Send the authentication request to the identity provider over the selected binding.
        string idpUrl = string.Format("{0}?{1}={2}", G.Settings.SAML.SSOServiceURL, Util.BindingVarName, HttpUtility.UrlEncode("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"));
        a.SendHttpPost(Response, idpUrl, relayState);
    /// Builds an authentication request.
    /// The authentication request.
    private AuthnRequest BuildAuthenticationRequest() {
        string issuerUrl = Util.GetAbsoluteUrl(this, "~/");
        string AssertionURL = String.Format("https://{0}/acs/ConsumerService.aspx", G.Settings.ServerName);
        string assertionConsumerServiceUrl = string.Format("{0}?binding={1}", AssertionURL, HttpUtility.UrlEncode("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"));

        // Create the authentication request.
        AuthnRequest authnRequest = new AuthnRequest();
        authnRequest.Destination = G.Settings.SAML.SSOServiceURL; ;
        authnRequest.Issuer = new Issuer(issuerUrl);
        authnRequest.ForceAuthn = false;
        authnRequest.NameIdPolicy = new NameIdPolicy(null, null, true);
        authnRequest.ProtocolBinding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        authnRequest.AssertionConsumerServiceUrl = assertionConsumerServiceUrl;
        return authnRequest;

As an aside - when I try to use the demo, we get the same error:

      AuhtnRequestSettings s = new AuhtnRequestSettings();
      Global.Saml.ServiceProvider.InitiateSingleSignOn(Context, "", Global.PartnerProviderName, s, null, null);


Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand
If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor
who sold you the license and ask for your money back.

Back to ComponentPro Q&A Forum Index