Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

How do I get Bearer (Access) Token in v2 format using @azure/msal-react?

See original GitHub issue

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.14.2

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

1.0.0

Description

I created a new app service and set accessTokenAcceptedVersion to 2 in manifest.json as I am looking for a v2 token similar to here. However the accessToken generated by Microsoft always has an iss value of sts.windows.net when decoded. I would like it to be login.microsoftonline.com. Please advice.

This is my implementation:

enter image description here

This is my token when decoded:

enter image description here

Please advice.

MSAL Configuration

No response

Relevant Code Snippets

let token;
msalInstance.acquireTokenSilent({
      ...loginRequest
    }).then((accessTokenResponse) => {
       // Acquire token silent success
       token = accessTokenResponse.accessToken;
     })

Identity Provider

Azure AD / MSA

Source

External (Customer)

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:6 (1 by maintainers)

github_iconTop GitHub Comments

1reaction
derisencommented, Jun 15, 2021

@a2441918 cheers! Closing this. Let us know if you need further help.

1reaction
derisencommented, Jun 8, 2021

@a2441918 every access token is meant for a resource, represented in the aud claim. To get a token for your backend API, you need to use the scope(s) that you expose in your access token request. Check out the docs for more on this.

And yes, it is best practice to create separate app registrations for your client and service apps. From the screenshots, the scopes you exposed doesn’t look right. Please check out this tutorial, which shows how do this properly.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Single-page application: Acquire a token to call an API
When this method is called, the library first checks the cache in browser storage to see if a non-expired access token exists and...
Read more >
Generating and using app-only Bearer Tokens | Docs
A Bearer Token is a byte array of unspecified format that you generate using ... Our Bearer Token used to authenticate to resources...
Read more >
Msal Get Access Token
Acquiring and Using an Access Token. Acquire a token from the cache (MSAL. How do I get Bearer (Access) Token in v2 format...
Read more >
draft-ietf-oauth-v2-bearer-23
The OAuth 2.0 Authorization Framework: Bearer Token Usage (Internet-Draft, 2018) ... While designed for use with access tokens resulting from OAuth 2.0 ......
Read more >
azure msal
JS v2 in a Single Page Application (SPA) to get an access token for the web API ... Loop with Angular Application and...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Only one version of refresh token is being used for any scope.

Next page

First call to acquireTokenSilent is slow due to getting authority metadata, even if token is served from localStorage