Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
acquireTokenSilent does always call api even though token is already in cache
See original GitHub issueCore Library
MSAL.js v2 (@azure/msal-browser)
Core Library Version
“^2.17.0”
Wrapper Library
Not Applicable
Wrapper Library Version
None
Description
Revering to this documentations: token-lifetimes and aquire-token the library should only send a api request to azure if the token is expired or near to be expired.
I configured msal with cacheLocation: BrowserCacheLocation.SessionStorage.
I call aquireTokenSilent on every api-call I do from my SPA to my backend. What I get is a call on /oauth2/v2.0/token every time.
Error Message
API call to azure b2c on every call of acquireTokenSilent
Msal Logs
No response
MSAL Configuration
auth: {
clientId: clientConfig.clientId,
redirectUri: clientConfig.redirectUri,
authority: `https://${clientConfig.authoritySubDomain}.b2clogin.com/${clientConfig.authoritySubDomain}.onmicrosoft.com/${clientConfig.flow}`,
knownAuthorities: [
`${clientConfig.authoritySubDomain}.b2clogin.com`,
`${clientConfig.authoritySubDomain}.onmicrosoft.com`,
],
},
cache: {
cacheLocation: BrowserCacheLocation.SessionStorage
},
const SCOPES = ["openid", "offline_access", clientConfig.clientId];
Relevant Code Snippets
I call aquireTokenSilent by:
` public async getIDToken(): Promise<string | void> {
try {
const silentRequest: SilentRequest = {
account: this.account ? this.account : undefined,
scopes: SCOPES,
forceRefresh: false
};
const authenticationResult = await this.publicClientApplication.acquireTokenSilent(
silentRequest
);
return authenticationResult.idToken;
} catch (error) {
return await this.publicClientApplication.acquireTokenRedirect({
scopes: SCOPES,
});
}
}`
Reproduction Steps
- Call getIDToken() several times
Expected Behavior
Only one api request to azure b2c /oauth2/v2.0/token is done
Identity Provider
Azure B2C Basic Policy
Browsers Affected (Select all that apply)
Chrome
Regression
No response
Source
External (Customer)
Issue Analytics
- State:
- Created 2 years ago
- Comments:13 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
The issue has not been resolved. It is still not using the cache.
Hi @BenediktZoller, this is the behavior when you pass in the client id as part of the scopes, a fix of this is however being pushed today.