The request / response that I'm seeing in the trace from Microsoft is:
Request:
Response:
{
  "error": "invalid_client",
  "error_description": "AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.\r\nTrace ID: 9936fff3-e267-4a22-9ccb-fb5fa2838700\r\nCorrelation ID: ff7c9399-83b3-42df-891d-e3cc5a574a5f\r\nTimestamp: 2022-03-16 01:59:15Z",
  "error_codes": [7000218],
  "timestamp": "2022-03-16 01:59:15Z",
  "trace_id": "9936fff3-e267-4a22-9ccb-fb5fa2838700",
  "correlation_id": "ff7c9399-83b3-42df-891d-e3cc5a574a5f",
  "error_uri": "https://login.microsoftonline.com/error?code=7000218"
}
We do not send a client_secret with our request for OneDrive for Business, and it does work correctly (I've just verified). So make sure that the client is configured properly in Azure Active Directory. It was a huge PITA getting this working correctly on our end for OneDrive for Business, so it's not straightforward.
I can add another parameter to ProviderSettings.json for the client_secret in the next build, if you need it.
Also, if you're not setting up your own web server for the redirect, you may need to enter our redirect URL in Azure AD.
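Pulling the fields a support ticket needs out of a token-endpoint error like the one quoted above, and checking that the identifiers embedded in error_description agree with the top-level ones. This is an added example, not part of the original post or the product's code; the function name `parse_token_error` and its output keys are hypothetical.

```python
import json
import re

# Constructed from the error body quoted in the post above.
SAMPLE = (
    r'{"error": "invalid_client", "error_description": "AADSTS7000218: The request '
    r"body must contain the following parameter: 'client_assertion' or 'client_secret'."
    r'\r\nTrace ID: 9936fff3-e267-4a22-9ccb-fb5fa2838700'
    r'\r\nCorrelation ID: ff7c9399-83b3-42df-891d-e3cc5a574a5f'
    r'\r\nTimestamp: 2022-03-16 01:59:15Z", "error_codes": [7000218], '
    r'"timestamp": "2022-03-16 01:59:15Z", '
    r'"trace_id": "9936fff3-e267-4a22-9ccb-fb5fa2838700", '
    r'"correlation_id": "ff7c9399-83b3-42df-891d-e3cc5a574a5f"}'
)

def parse_token_error(body):
    """Return a flat summary of an OAuth token error body in the shape shown above."""
    doc = json.loads(body)
    lines = [ln.strip() for ln in doc.get("error_description", "").splitlines() if ln.strip()]
    # First line carries the AADSTS code and the human-readable message.
    head = re.match(r"AADSTS(\d+):\s*(.*)", lines[0]) if lines else None
    out = {
        "error": doc.get("error"),
        "aadsts_code": int(head.group(1)) if head else None,
        "message": head.group(2) if head else (lines[0] if lines else None),
        "mismatches": [],
    }
    # Remaining lines are "Key: value" pairs (Trace ID, Correlation ID, Timestamp).
    embedded = {}
    for ln in lines[1:]:
        key, sep, value = ln.partition(":")
        if sep:
            embedded[key.strip().lower().replace(" ", "_")] = value.strip()
    for field in ("trace_id", "correlation_id", "timestamp"):
        top, inner = doc.get(field), embedded.get(field)
        if top and inner and top != inner:
            out["mismatches"].append(field)  # body was edited or mangled in transit
        out[field] = top or inner            # fall back to the embedded copy
    codes = doc.get("error_codes") or []
    if out["aadsts_code"] is not None and codes and out["aadsts_code"] not in codes:
        out["mismatches"].append("error_codes")
    # The case from this thread: the request carried no client credential.
    out["client_auth_missing"] = out["error"] == "invalid_client" and out["aadsts_code"] == 7000218
    return out

if __name__ == "__main__":
    print(json.dumps(parse_token_error(SAMPLE), indent=2))
```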