I am trying to use Azure AD with device code flow. I've created an application and tried to request a code using this client id. The request to code succeed and I was able to approve the login. But, when I tried to request a token using the device code, the request failed with the following error:
AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.
As far as I can tell, this flow does not require any credentials so I am not sure why this error occurred. I was able to reproduce it using different languages and different Adal libraries (NodeJS, C#) and also by using Postman. So I am pretty sure this is not a bug in a specific library. Probably something I misconfigured - although it is unclear to me what. Could you help me figure this out?
You are trying to use confidential client (web app) to execute a flow that is meant for public clients. Please create a native client application to execute the flow.