My final goal is manage user’s access token by refresh token.
I need token from user.

So, I tried this logic.

var app = PublicClientApplicationBuilder.Create(clientId)
    .WithRedirectUri(redirectUri)
    .WithTenantId(tenantId)
    .Build();

var accounts = app.GetAccountsAsync().Result;
              
 var authResult = app.AcquireTokenInteractive(scopes)
 .ExecuteAsync().Result;
 var token = authResult.AccessToken

An error occurs in app.AcquireTokenInteractive(scopes) after logging in with a Microsoft account. When this function is executed, a web browser is launched to prompt for login. After logging in, the browser shows a page indicating that account authentication is complete.
After ms login, this page printed “Authentication complete. You can return to the application. Feel free to close this browser tab.”

And then, this is error content.

System.AggregateException
HResult=0x80131500
message=One or more errors occurred. (A configuration issue is preventing authentication – check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret’. Trace ID: ef0f8da8-2e8b-46ce-8ee5-227b97ea0d01 Correlation ID: e830675e-b28d-48ba-9683-7f4c9bce98c1 Timestamp: 2024-07-10 09:00:43Z)
source=System.Private.CoreLib
StackTrace:
System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
System.Threading.Tasks.Task1.GetResultCore(Boolean waitCompletionNotification) System.Threading.Tasks.Task1.get_Result()

throw.

1:
MsalServiceException: A configuration issue is preventing authentication – check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000218: The request body must contain the following parameter: ‘client_assertion’ or ‘client_secret’. Trace ID: ef0f8da8-2e8b-46ce-8ee5-227b97ea0d01 Correlation ID: e830675e-b28d-48ba-9683-7f4c9bce98c1 Timestamp: 2024-07-10 09:00:43Z

I refer to

• https://github.dev/microsoft/semantic-kernel/blob/9dd8604b6868a97ed41b8705bae97b2237ea30b2/dotnet/src/Skills/Skills.OpenAPI/Authentication/InteractiveMsalAuthenticationProvider.cs#L36#L5
• https://learn.microsoft.com/en-us/entra/msal/dotnet/acquiring-tokens/desktop-mobile/acquiring-tokens-interactively

var app = PublicClientApplicationBuilder.Create("YOUR_CLIENT_ID")
    .WithDefaultRedirectUri()
    .Build();

var accounts = await app.GetAccountsAsync();

AuthenticationResult result;
try
{
    result = await app.AcquireTokenSilent(scopes, accounts.FirstOrDefault())
      .ExecuteAsync();
}
catch (MsalUiRequiredException)
{
    result = await app.AcquireTokenInteractive(scopes).ExecuteAsync();
}