How do you re-validate the token for session management?
Core Library
MSAL.js v2 (@azure/msal-browser)
Core Library Version
2.13.1
Wrapper Library
Not Applicable
Wrapper Library Version
NA
Public or Confidential Client?
Public
Description
I have a single page React app. I use this @azure/msal-browser package’s loginPopup() API to let my app user log in using their Azure AD credentials. Once successfully signed in, their login data, e.g. access token etc., gets stored in the local storage.
My question is how do I check the validity of the access token for the session, i.e. if the token has passed its expiration time? I can see the MSAL response does have “exp”: 1662430649 (Unix timestamp) value of expiration. Do I save this in the local storage and check/update on each user interaction, or save session data in the backend database and do the validations? Does the MS Graph API or the @azure/msal-browser package provide any API to validate the expiry of the token?
MSAL Configuration
Not relevant to my question
Relevant Code Snippets
Not applicable
Identity Provider
Azure AD / MSA
Source
External (Customer)
Issue Analytics
- Created a year ago
- Comments: 9 (3 by maintainers)
Top GitHub Comments
@DewangS Thanks for elaborating further. As @derisen mentioned above, the idToken is not tied to the web resource that you are trying to access. In order to renew id tokens, you need to use acquireTokenSilent with the client-id of your application as the scope. This API will automatically fetch a valid IdToken for you in case of expiration.
If the session is not valid at that point, MSAL will throw an error. You can then catch the error & use acquireTokenRedirect() or acquireTokenPopup() for renewing the token. Since the Access token lifetime is 1h, you can also make sure you call the ATS API every hour, to maintain the session.
Please let us know in case you have any further questions.
Thanks @bmahall for the detailed explanation. For now I’ve just implemented local session management i.e. if the session is idle for a set amount of time, user gets logged out.
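The renewal pattern from the maintainer's comment above, as an added example that is not part of the original thread or MSAL's own code: call acquireTokenSilent before each protected request and prompt interactively only when MSAL reports that interaction is required. `CLIENT_ID`, `getSessionToken`, `secondsUntilExpiry` and `stubClient` are hypothetical names, and the stub stands in for a real PublicClientApplication so the block runs offline.

```javascript
// Added example. CLIENT_ID is a constructed placeholder, not a value from the issue.
const CLIENT_ID = "00000000-0000-0000-0000-000000000000";

// Seconds left on a token, read from AuthenticationResult.expiresOn (a Date).
function secondsUntilExpiry(result, now = new Date()) {
  if (!result || !(result.expiresOn instanceof Date)) return 0;
  return Math.max(0, Math.floor((result.expiresOn.getTime() - now.getTime()) / 1000));
}

// Call before every protected request instead of reading "exp" out of
// localStorage: MSAL returns the cached token while it is valid and
// renews it silently once it has expired.
async function getSessionToken(pca) {
  const account = pca.getAllAccounts()[0];
  if (!account) return { status: "signed_out", result: null };

  // Per the maintainer comment: the app's client id as scope renews the ID token.
  const request = { scopes: [CLIENT_ID], account };
  try {
    return { status: "silent", result: await pca.acquireTokenSilent(request) };
  } catch (err) {
    // MSAL raises InteractionRequiredAuthError when the session can no longer
    // be renewed silently. The name check is the import-free equivalent of
    // `err instanceof InteractionRequiredAuthError`.
    if (err && err.name === "InteractionRequiredAuthError") {
      return { status: "interactive", result: await pca.acquireTokenPopup(request) };
    }
    throw err; // network or configuration failures are not a session expiry
  }
}

// Constructed stub in place of PublicClientApplication (1h token lifetime).
function stubClient(silentError) {
  const token = { idToken: "constructed", expiresOn: new Date(Date.now() + 3600 * 1000) };
  return {
    getAllAccounts: () => [{ username: "user@example.com" }],
    acquireTokenSilent: async () => { if (silentError) throw silentError; return token; },
    acquireTokenPopup: async () => token,
  };
}

getSessionToken(stubClient()).then((r) =>
  console.log(r.status, secondsUntilExpiry(r.result), "seconds left"));
```

In a real app, pass the PublicClientApplication instance created at startup; swap `acquireTokenPopup` for `acquireTokenRedirect` if the app uses the redirect flow.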