ClientAuthError: no_tokens_found
Core Library
MSAL.js v2 (@azure/msal-browser)
Core Library Version
2.14.1
Wrapper Library
Not Applicable
Wrapper Library Version
None
Description
I am running a silent request on one page called login that is redirecting to Azure login correctly, then I am redirected to a page called auth-verify. This is where my code fails; I basically have the same silent request in auth-verify as in login. When I look in my application session storage, I see things like request.params and request.state with values that look like tokens, but they are not what I need.
In testing, on a separate page with a login button, after returning with those values in session storage, clicking login (which fires msalInstance.loginRedirect({});) would get my ID_token in local storage, then I could run the silent request via the click of a button and get my access token. However, this is not the flow that I want.
So back to the issue I am having on the auth-verify page. I get the following errors.
ClientAuthError: no_tokens_found: No tokens were found for the given scopes, and no authorization code was passed to acquireToken. You must retrieve an authorization code before making a call to acquireToken().
and
BrowserAuthError: interaction_in_progress: Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API. For more visit: aka.ms/msaljs/browser-errors.
Not sure what I may be doing wrong at this point. The code below is a page shown after the user has gone through the login flow in Azure, is redirected to this page, and has those values like request.params and request.state in the session storage.
The other thing that is giving me an error in the console is a 400 for this URL:
https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://app.b2clogin.com/app.onmicrosoft.com/appsignupsignin/oauth2/v2.0/authorize
MSAL Configuration
    const msalConfig = {
      auth: {
        clientId: process.env.NEXT_PUBLIC_AUTH_CLIENT_ID,
        authority: process.env.NEXT_PUBLIC_AUTHORITY,
        redirectUri: "http://localhost:3000/auth-verify",
      },
      cache: {
        cacheLocation: "localStorage", // This configures where your cache will be stored
        storeAuthStateInCookie: false, // Set this to "true" to save cache in cookies
      }
    };
Relevant Code Snippets
    export default function AuthVerify() {
      const accounts = msalInstance.getAllAccounts();
      var request = {
        scopes: [process.env.NEXT_PUBLIC_AUTH_CLIENT_ID],
        account: accounts
      };
      console.log(accounts);
      const grabAccessToken = async () => {
        await msalInstance.acquireTokenSilent(request).then(tokenResponse => {
          // Do something with the tokenResponse
          console.log(tokenResponse)
        }).catch(async error => {
          if (error) {
            // fallback to interaction when silent call fails
            console.log(error);
            if (accounts.length === 0) {
              return msalInstance.acquireTokenRedirect(request)
              //await msalInstance.loginRedirect({});
            }
          }
        });
      }
      if (typeof window !== 'undefined') {
        grabAccessToken()
      }
      return <h1>Grab Access Token</h1>;
    }
Identity Provider
Azure B2C Custom Policy
Source
External (Customer)
Issue Analytics
- State:
- Created 2 years ago
- Comments:6
Top GitHub Comments
@anderskitson Should be the first part of whatever your authority URL is. Usually the authority is in the form:
https://yourDomain.b2clogin.com/yourDomain.onmicrosoft.com/sign_in_policy
so knownAuthorities in this case would be ["yourDomain.b2clogin.com"]
@anderskitson I would recommend reading through this. handleRedirectPromise will, by default, redirect back to the page that started the auth flow, in your case, the login page. If this is undesired you should set auth.navigateToLoginRequestUrl: false in your PublicClientApplication config. If this is desired you will need to also call handleRedirectPromise on your login page. Right now it's resulting in a loop because you haven't handled the response from the first redirect before attempting to start another.
Regarding your 400 error on the call to https://login.microsoftonline.com/common/discovery/instance, you need to set auth.knownAuthorities: ["yourB2Cdomain.com"] as documented here. This is a required configuration option when using B2C.
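The configuration and call order described in the two comments above, as an added example that is not part of the original issue or of MSAL.js itself. The function names buildMsalConfig and acquireTokenAfterRedirect are hypothetical, and `client` is assumed to be a PublicClientApplication from @azure/msal-browser (or a stub exposing the same four methods).

```javascript
// Added example: helper names are hypothetical, not from the issue or MSAL.js.

// Build a PublicClientApplication config for a B2C authority URL.
function buildMsalConfig(authority, clientId, redirectUri) {
  return {
    auth: {
      clientId,
      authority,
      // First part of the authority URL (its host), per the first comment;
      // this is the fix suggested for the 400 on the discovery/instance call.
      knownAuthorities: [new URL(authority).host],
      redirectUri,
      // Stay on redirectUri instead of navigating back to the page that
      // started the flow (the login page in the issue).
      navigateToLoginRequestUrl: false,
    },
    cache: { cacheLocation: "localStorage", storeAuthStateInCookie: false },
  };
}

// Run once on the redirectUri page (auth-verify in the issue).
async function acquireTokenAfterRedirect(client, scopes) {
  // 1. Handle the response from the previous redirect before anything else.
  //    Starting a new interaction first is what produced the loop and the
  //    interaction_in_progress error.
  const redirectResult = await client.handleRedirectPromise();
  if (redirectResult) return redirectResult;

  // 2. No redirect response on this page load: look for a cached account.
  const account = client.getAllAccounts()[0]; // one account, not the array
  if (!account) {
    await client.acquireTokenRedirect({ scopes });
    return null; // the browser navigates away
  }

  // 3. Cached account: try silently, fall back to a redirect on failure.
  try {
    return await client.acquireTokenSilent({ scopes, account });
  } catch (err) {
    await client.acquireTokenRedirect({ scopes, account });
    return null;
  }
}
```
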