http://localhost:3030. As soon as I do that, I get the error
AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret’. So, I figure that I then need to enable public client flows, so I turn that on. The next error I get is
AADSTS9002326: Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type.
I haven't changed my SPA redirect URI and suddenly it won't work when I add the localhost web URI. Why? It seems that other web redirect URIs work fine.