Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Getting ClientAuthError: endpoints_resolution_error: Error: could not resolve endpoints with @azure/msal-node 1.9.1

See original GitHub issue

Core Library

MSAL Node (@azure/msal-node)

Core Library Version

1.9.1

Wrapper Library

Not Applicable

Wrapper Library Version

None

Description

Since upgrading from 1.9.0 to 1.9.1 we are running into the error listed in this issue below. We have a node application that runs on an interval to update profile pictures in Backstage a Developer Portal we are using. It’s very simple.

Rolling back to 1.9.0 the error goes away. I’m not sure what specifically is causing this issue but I feel like it is something in PR #4744. That being said there might be simply something that we need to include to resolve this like some additional configuration.

Any help with this would be greatly appreciated!

Error Message

ClientAuthError: endpoints_resolution_error: Error: could not resolve endpoints. Please check network and try again. Detail: ClientAuthError: openid_config_error: Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints. Attempted to retrieve endpoints from: https://login.microsoftonline.com/{tenantId}/v2.0/.well-known/openid-configuration

Note that {tenantId} in the URL above is our actual tenantId, just removed for security reasons.

Msal Logs

No response

MSAL Configuration

const clientConfig = {
      auth: {
        clientId,
        clientSecret,
        authority: `https://login.microsoftonline.com/${tenantId}`,
      },
    };

Relevant Code Snippets

const clientConfig = {
      auth: {
        clientId,
        clientSecret,
        authority: `https://login.microsoftonline.com/${tenantId}`,
      },
    };

    const authClient = new ConfidentialClientApplication(clientConfig);

    const tokens = await authClient.acquireTokenByClientCredential({
      scopes: ['https://graph.microsoft.com/.default'],
    });

Reproduction Steps

I’m not totally sure how to describe this:

Upgrade to @azure/msal-node 1.9.1
Run the application

Notice in the logs the error listed in this issue occurs

Expected Behavior

There should be no error and the process should continue to work as it did with version 1.9.0

Identity Provider

Azure AD / MSA

Browsers Affected (Select all that apply)

None (Server)

Regression

@azure/msal-node 1.9.0

Source

External (Customer)

Issue Analytics

State:
Created a year ago
Comments:49 (22 by maintainers)

Top GitHub Comments

1reaction

bgavrilMScommented, Dec 15, 2022

@jsbinette - can you provide verbose PII logging if you are able to reproduce the issue with MSAL alone? Feel free to email them to me if you wish at bogavril at microsoft com. They will not contain secrets or tokens, but will have some IDs.

1reaction

Robbie-Microsoftcommented, Oct 25, 2022

@awanlin For what it’s worth, I am able to run the sample in my previous comment with msal-node versions 1.9.1 and 1.14.2.