Behavior:
After setting up the Connect to Mail Connector with Microsoft Office 365, this error appears when trying to connect to the email account:
"AADSTS700025: Client is public so neither 'client_assertion' nor 'client_secret' should be presented"
Solution:
The error message comes directly from the Azure portal and means that client secrets cannot be exchanged as long as the app is public.
If you have followed our instructions, this should not happen. The following settings can lead to the issue:
1. Open https://portal.azure.com/ and navigate to the DocuWare OAuth App you created for Connect to Mail.
2. In the app overview for the OAuth app, find the item "Supported account types". Set it to "Accounts in this organizational directory only (xxx - Single tenant)".
Ensure the Platform configurations are set to resemble this information:
Access tokens (used for implicit flows) = Checked
ID tokens (used for implicit and hybrid flows) = Checked
Accounts in the organizational directory only = Enabled
Enable the following mobile and desktop flows = No
3. The Redirect URI must be added as a web application (see screenshot "Platform configurations").
4. In the overview, you should see the following for the Redirect URI:
KBA is applicable to both Cloud and On-premise Organizations.
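The settings from steps 2 to 4 can also be checked without the portal. The following is an added example, not DocuWare code: it inspects the app registration as a Microsoft Graph application object in JSON (for example the output of `az ad app show --id <app-id>`) and lists every deviation from the values above. The sample object, its display name and its redirect URI are constructed placeholders.

```python
import json

# Constructed sample of a misconfigured app registration (placeholder values only).
SAMPLE_MISCONFIGURED = json.loads("""
{
  "displayName": "DocuWare Connect to Mail (sample)",
  "signInAudience": "AzureADMultipleOrgs",
  "isFallbackPublicClient": true,
  "web": {
    "redirectUris": [],
    "implicitGrantSettings": {
      "enableAccessTokenIssuance": true,
      "enableIdTokenIssuance": false
    }
  },
  "publicClient": {"redirectUris": ["https://docuware.example/redirect"]}
}
""")


def check_app_registration(app):
    """Return a list of deviations from the settings listed in this article."""
    findings = []
    web = app.get("web") or {}
    implicit = web.get("implicitGrantSettings") or {}
    web_uris = web.get("redirectUris") or []
    public_uris = (app.get("publicClient") or {}).get("redirectUris") or []

    # Step 2: "Accounts in this organizational directory only" is AzureADMyOrg in Graph.
    if app.get("signInAudience") != "AzureADMyOrg":
        findings.append("Supported account types is not single tenant")
    # "Enable the following mobile and desktop flows" must be No.
    if app.get("isFallbackPublicClient"):
        findings.append("Mobile and desktop flows are enabled (must be No)")
    if not implicit.get("enableAccessTokenIssuance"):
        findings.append("Access tokens is not checked")
    if not implicit.get("enableIdTokenIssuance"):
        findings.append("ID tokens is not checked")
    # Step 3: the Redirect URI belongs under the Web platform, not mobile/desktop.
    if not web_uris:
        findings.append("No Redirect URI registered under the Web platform")
    for uri in public_uris:
        findings.append("Redirect URI registered as mobile/desktop: " + uri)
    return findings


if __name__ == "__main__":
    for finding in check_app_registration(SAMPLE_MISCONFIGURED):
        print("FAIL:", finding)
```

An empty result means the registration matches the settings in this article.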