Add state parameter in authentication requests
See original GitHub issueWe use state parameter for single redirect url for many sites.
with msal we send:
await msal.loginPopup({
scopes: scopes,
state: requestState
})
any idea how we can send it with InteractiveBrowserCredential
Issue Analytics
- State:
- Created 2 years ago
- Comments:10 (8 by maintainers)
Top Results From Across the Web
Prevent Attacks and Redirect Users with OAuth 2.0 State ...
The state parameter is a string so you can encode any other information in it. You send a random value when starting an...
Read more >How to Generate and Validate an OAuth 2.0 State Parameter ...
An OAuth 2.0 state parameter is a unique, randomly generated, opaque, and non-guessable string that is sent when starting an authentication ...
Read more >What is the purpose of the 'state' parameter in OAuth ...
The state parameter is used to protect against XSRF. Your application generates a random string and sends it to the authorization server using...
Read more >Pass custom state in authentication requests using MSAL.js
Learn how to pass a custom state parameter value in authentication request using the Microsoft Authentication Library for JavaScript ...
Read more >The importance of the “state” parameter in OAuth - Medium
The “state” parameter is sent during the initial Authorization Request and sent back from the Authorization Server to the Client along with ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@sadasant thanks for the update. waiting for documentation.
We have several clients app authenticated with AAD and using @azure/storage-blob package We use one redirect url for all of them and from the redirect url we navigate back to the original site by url we send in state parameter. When trying to use InteractiveBrowserCredential we send the ‘global’ redirect url but no way to send the original site url