Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

AADSTS54005: OAuth2 Authorization code was already redeemed

See original GitHub issue

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.16.0

Wrapper Library

Not Applicable

Wrapper Library Version

None

Description

Have been getting this issue recently:

AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.

Was looking at other solutions online but they don’t seem to be as applicable to the msal-browser SDK, like this solution: “To fix the error try changing your code to request a refresh token that will be passed to /used by additional resources as the refresh tokens can still be reused.”

I’m not sure if there is a way to do this as I’ve only been using acquireTokenSilent mainly.

Full error example: invalid_grant: 54005 - [2021-10-29 08:28:29Z]: AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token. Trace ID: 8ce4449f-de7d-495f-8007-104d6d939e00 Correlation ID: 206a9bc3-7644-4be1-b8d1-7560d0ee2ee9 Timestamp: 2021-10-29 08:28:29Z - Correlation ID: 206a9bc3-7644-4be1-b8d1-7560d0ee2ee9 - Trace ID: 8ce4449f-de7d-495f-8007-104d6d939e00

MSAL Configuration

{
        auth: {
            clientId: process.env.CLIENT_ID,
            authority: 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/',
            redirectUri: findTopSameOriginWindow().location.origin + '/blank'
        },
        system: {
            redirectNavigationTimeout: 500,
            iframeHashTimeout: 30000
        },
        cache: {
            cacheLocation: 'localStorage',
            storeAuthStateInCookie: isIE()
        }
    }

Relevant Code Snippets

let token: AuthenticationResult | undefined = await this.publicClientApplication.acquireTokenSilent(tokenRequest)
            .catch(async error => {
                return await this.acquireTokenErrorHandling(error, endpoint, tokenRequest);
            });

Identity Provider

Azure AD / MSA

Source

Internal (Microsoft)

Issue Analytics

State:
Created 2 years ago
Comments:9 (7 by maintainers)

Top GitHub Comments

1reaction

JosephThomascommented, Dec 6, 2021

Seems that the issue seems to be a fluke, happened a handful of times and was not able to reproduce. Hector mentioned that it could be due to some user’s having a bad connection.

0reactions

jasonnuttercommented, Dec 6, 2021

@hectormmg Any update on this issue?