Azure SSO missing client_id

I'm trying to connect to Azure for SSO. This is an externally hosted application, so we setup the Application Registration and are hitting the endpoints correctly. I get this error: AADSTS900144: The request body must contain the following parameter: 'client_id'. How can I add the client_id to the request. Code is condensed below: protected void initiateLogin() { //Enable SHA-256 XML signature support. // CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"); ComponentPro.Licensing.Saml.LicenseManager.SetLicenseKey(ComponentProKey); // Set the server certificate validation callback. ServicePointManager.ServerCertificateValidationCallback = ValidateRemoteServerCertificate; // Create the authentication request. AuthnRequest a = BuildAuthenticationRequest(); // Create and cache the relay state so we remember which SP resource the user wishes to access after SSO. string spResourceUrl = Util.GetAbsoluteUrl(this, FormsAuthentication.GetRedirectUrl("", false)); string relayState = Guid.NewGuid().ToString(); SamlSettings.CacheProvider.Insert(relayState, spResourceUrl, new TimeSpan(1, 0, 0)); // Send the authentication request to the identity provider over the selected binding. string idpUrl = string.Format("{0}?{1}={2}", G.Settings.SAML.SSOServiceURL, Util.BindingVarName, HttpUtility.UrlEncode("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")); a.SendHttpPost(Response, idpUrl, relayState); Response.End(); } ///

/// Builds an authentication request. ///

/// The authentication request. private AuthnRequest BuildAuthenticationRequest() { string issuerUrl = Util.GetAbsoluteUrl(this, "~/"); string AssertionURL = String.Format("https://{0}/acs/ConsumerService.aspx", G.Settings.ServerName); string assertionConsumerServiceUrl = string.Format("{0}?binding={1}", AssertionURL, HttpUtility.UrlEncode("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")); // Create the authentication request. AuthnRequest authnRequest = new AuthnRequest(); authnRequest.Destination = G.Settings.SAML.SSOServiceURL; ; authnRequest.Issuer = new Issuer(issuerUrl); authnRequest.ForceAuthn = false; authnRequest.NameIdPolicy = new NameIdPolicy(null, null, true); authnRequest.ProtocolBinding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"; authnRequest.AssertionConsumerServiceUrl = assertionConsumerServiceUrl; return authnRequest; } As an aside - when I try to use the demo, we get the same error: AuhtnRequestSettings s = new AuhtnRequestSettings(); Global.Saml.ServiceProvider.InitiateSingleSignOn(Context, "", Global.PartnerProviderName, s, null, null);