Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
How to do incremental consent with /.default scopes?
See original GitHub issuePlease follow the issue template below. Failure to do so will result in a delay in answering your question.
Library
-
@azure/msal@1.2.1 -
@azure/msal-browser@2.x.x -
@azure/msal-angular@0.x.x -
@azure/msal-angular@1.x.x -
@azure/msal-angularjs@1.x.x
Description
We have an existing application that is requesting scopes: [“https://management.azure.com/.default”]. Everything works well
We have a new requirement to access Azure storage apis and thus we need a new scope for resource https://storage.azure.com. We decide to request the /.default scope again on this resource so our new scopes look like this: [“https://management.azure.com/.default”, “https://storage.azure.com/.default”].
I’ve tried to request these scopes on loginRedirect and I got an error:
So I tried to remove this new scope from loginRedirect and put it in acquireTokenSilent and I get a similar error (an exception gets thrown in code and a similar error message is contained in the error)
My question is
- Am I requesting these scopes improperly?
- The documentation has suggested to use incremental consent but there aren’t instructions on how to do so
Let me know if you need any more details from me. Thank you.
Issue Analytics
- State:
- Created 3 years ago
- Comments:8 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@thoo1 AcquireToken calls are per resource, regardless of if you are using ./default or not. So you should be making separate calls for each. Try that and see if it works.
@tnorling thank you so much! that was the case indeed! I was using
2.0.0-beta.0and everything is working fine after upgrading to2.0.0-beta.1.I installed beta.0 two days ago, but didn’t check for a possible newer release in the meantime, my bad. Sorry for such an easy-to-fix question. I’m just playing around with it and it looks really promising! It was just driving me crazy because i thought I got my authentication flow wrong. Thank you again for your precious help, I really appreciate it!