Hi @SVERDLOV, Roman ,
The 400 error may occur if the X-Frame-Options configuration is set to "Deny", which would indicate a CORS problem. It is a browser behavior which can be resolved by setting X-Frame-Options to "SAMEORIGIN". You can use application code or configure a script in HTTP header. Here is an Angular app example: https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/1985
I would also recommend checking the solutions in this thread: https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/1124
If you still face this issue after trying these steps, please feel free to reach out to me at AzCommunity@microsoft.com ("Attn: Marilee Turscak") and include your subscription ID and a link to this thread, and I will open a one-time free support case to troubleshoot this further.