Azure AD responses 401 when accquiring access token using the client_secret_jwt client authentication method

[moarychan]

I have passed the case Access token request with a certificate using private_key_jwt client authentication method, but I can not find any document about client authentication using client_secert_jwt, it should be mimic with private_key_jwt client authentication method. I follow the doc OAuth2 Client Authentication with Azure AD, but I got the 401 response.

I propose there's section Fifth case: Access token request with a secret key in https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow, it will use the client_secert_jwt client authentication method to authenticate the client.

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: d32f55ac-acbc-292b-d1b7-ffdd257b11e1
• Version Independent ID: ae2a266c-051b-7307-93fd-74bc521c93bf
• Content: OAuth 2.0 client credentials flow on the Microsoft identity platform - Microsoft identity platform
• Content Source: articles/active-directory/develop/v2-oauth2-client-creds-grant-flow.md
• Service: active-directory
• Sub-service: develop
• GitHub Login: @nickludwig
• Microsoft Alias: ludwignick

[JamesTran-MSFT]

@moarychan
Thanks for your feedback! I've assigned this issue to the author who will investigate and update as appropriate.

[nickludwig]

Hey @moarychan - taking a look at this. Will circle back when I have an answer for you.

[nickludwig]

Hey @moarychan - client_secret_jwt isn't supported as part of our implementation of the client credentials flow. This is intentional and is why you're experiencing an error. Hope this helps!

I will leave this issue open for a few more days in case you have any follow up you'd like to add.

[nickludwig]

Closing as per above message

[nickludwig]

#please-close