Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

AcquireTokenSilent Does not create any iframe.

See original GitHub issue

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.16.1

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

1.0.1

Description

Prior to upgrading to V2 we were logging users who already have logged in some other Microsoft website silently by creating an iframe and triggering a signin by redirect flow in the iframe. This helped us in getting users silently sign in.

As per the docs the acquuireTokenSilently is supposed to do exactly this however once we upgraded to v2 we see a massive drop in users who are signed in.

What are we missing here that we are not seeing silent sign on?

MSAL Configuration

auth: {
                clientId: // client id,
                authority: "https://login.microsoftonline.com/common/",
                redirectUri: // our homepage,
            },
            cache: {
                cacheLocation: "localStorage",
            },

Relevant Code Snippets

if (this.props.msalContext.instance.getAllAccounts()[0]) {
            this.props.msalContext.instance
                .acquireTokenSilent({
                    account: this.props.msalContext.instance.getAllAccounts()[0],
                    ...loginRequest,
                })
                .then(token => //use token)
                .catch(err => {
log telemetry 
                });
        }

Identity Provider

Azure AD / MSA

Source

Internal (Microsoft)

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:7 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
Shivam60commented, Oct 5, 2021

image

0reactions
Shivam60commented, Sep 29, 2021

It appears majority of our users are logged in via single account only. Thus using redirect within an iframe has worked for us ensuring a higher signed users and an experience where users doesnt navigate away from the site for login if there exisits an active session.

I ll wait for @pkanher617 's thoughts and ETA on the above. It looks we ll have to revert back to our iframe code 😦

Read more comments on GitHub >

github_iconTop Results From Across the Web

MSAL js - acquireTokenSilent fails with X-Frame-Error
Currently this issued is caused by the B2C service, not the library. Can you try to invoke acquireTokenPopup or acquireTokenRedirect when ...
Read more >
msal-iframe-ok/README.md - UNPKG
The implicit flow runs in the context of a web browser which cannot manage client secrets securely. It is optimized for single page...
Read more >
Single-page application: Acquire a token to call an API
The pattern for acquiring tokens for APIs with MSAL.js is to first attempt a silent token request by using the acquireTokenSilent method.
Read more >
msal-browser - BrowserAuthError: monitor_window_timeout
When you try to implement silent acquisition of token using either acquireTokenSilent or the ssoSilent variations, the token is returned in a ......
Read more >
msal-iframe-ok - npm
The MSAL library for JavaScript enables client-side JavaScript web applications, running in a web browser, to authenticate users using Azure ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Sign in flow does not complete when running MSAL 2.0 in iframe

Next page

acquireTokenSilent does always call api even though token is already in cache