BingAds API - AADSTS700025: Client is public so neither 'client_assertion' nor 'client_secret' should be presented

Data OWG 1 Reputation point
2022-06-22T10:31:55.407+00:00

Hey everyone,

I cant ask for technical Azure support somehow, so I have to ask it here.

I am using a local Docker container (on AWS EC2) and run there Airbyte (https://docs.airbyte.com/) to load BingAds data. Airbyte has an webserver on localhost:8000.

I went through the whole BingAds documentation to do so:

  1. Creating Developer Token
  2. Creating App (tried Web App and Mobile&Desktop App)
  3. Creating Secrets
  4. Creating access and refresh tokens (successfully)

In Airbyte I need to use:

  • Tenant Id (set to common)
  • Client (App) Id
  • Client Secret (value)
  • Refresh Token
  • Developer Token

The authentification process throws me following error: 

OAuthTokenRequestException('invalid_client', "AADSTS700025: Client is public so neither 'client_assertion' nor 'client_secret' should be presented

I tried different App platforms (Web, Dekstop&Mobile), adding different redirect URIs (http://localhost:8000/, https://login.microsoftonline.com/common/oauth2/nativeclient), but it didnt help.

What am I missing? I went through the docs but couldnt find anything that solves the problem.

Does it have to do that the container is running on a EC2 server which can be only access by SSH? Or should that not be the problem?

Thanks for any help in advance!

Microsoft Advertising API
Microsoft Advertising API
A Microsoft API that provides programmatic access to Microsoft Advertising to manage large campaigns or to integrate your marketing with other in-house systems.
386 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vinod Kumar Penchalaiah 1 Reputation point Microsoft Employee
    2022-07-25T16:06:31.25+00:00

    Hi, I was tracing your issue quickly and I see you are encountering an issue with error code AADSTS700025,the error in general talks about while using the auth code grant authentication flow with PCKE it's not allowed to provide client secret or client certificate in the authentication flow, usually for SPA and native apps, much context is needed about the scenario you are trying to implement, As this need diagnosis and further troubleshooting , however please review below details for your issue.

    You can read more about the authentication flow you are implementing here:

    Microsoft identity platform and OAuth 2.0 authorization code flow : https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow

    Our official repos and code examples : https://learn.microsoft.com/en-us/azure/active-directory/develop/sample-v2-code

    0 comments
  2. Data OWG 1 Reputation point
    2022-07-28T09:58:20.88+00:00

    Hi,

    I was following the following guide to setup:

    https://docs.airbyte.com/integrations/sources/bing-ads/#step-1-set-up-bing-ads

    The method that is recommended to use is to get auth code, and use that to get a refresh token.

    Maybe I have to do the optional step which I didnt fully understand?

    Best regards

    0 comments