Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
MSAL logout requires user interaction to select account even though only one account in the list
See original GitHub issueLibrary
- [ X]
msal@1.x.xor@azure/msal@1.x.x -
@azure/msal-browser@2.x.x -
@azure/msal-node@1.x.x -
@azure/msal-react@1.x.x -
@azure/msal-angular@0.x.x -
@azure/msal-angular@1.x.x -
@azure/msal-angular@2.x.x -
@azure/msal-angularjs@1.x.x
Description
- While trying to logout from SPA application which has msal library integrated, the user is prompted with a ‘select account to logout’ screen even though there is only one account to select from. Is there a way to bypass this user interaction of account selection and directly go to Microsoft logout and clearing the cache & session?Tried adding ‘loginHint’ still the asks for user interaction to select account to logout. Found similar issue : https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/2024 . is this resolved?
-
Should i use ‘msal-browser’ library ? is it same as msal v2? When will be msal v2 be ready for use in production?
-
While trying to implement SSO between tabs with same domain applications, the SSO only works if i include the the login.redirect() inside ngOninit() of login component. is there any other way of implementing SSO?
private authService: MsalService; => '@azure/msal-angular'
login() {
const isIE = window.navigator.userAgent.indexOf('MSIE ') > -1 || window.navigator.userAgent.indexOf('Trident/') > -1;
if (isIE) {
this.authService.loginRedirect();
} else {
if (this.authService.getAccount() && !this.authService.isCallback(window.location.hash)) {
let requestObj = {
scopes: ["user.read"],
loginHint: sessionStorage.getItem('AAD-preferredName'),
extraQueryParameters: {domain_hint: 'organizations'}
}
this.authService.handleRedirectCallback((error, response) => {
if (error) {
return;
}
});
this.authService.acquireTokenSilent(requestObj).then(function (accessTokenResponse) {
let token = accessTokenResponse.accessToken;
}
).catch(function (error) {
if (error.errorMessage.indexOf("interaction_required") !== -1) {
this.authService.acquireTokenRedirect(requestObj);
}
});
}
else {
this.authService.loginRedirect();
}
}
- Is it possible to hide the reload of screen while calling the acquireTokenSilent()? The screen is being loaded 3 times before it logs in.
added the below code on ngOnInit(),
this.isIframe = window !== window.parent && !window.opener;
MSAL configurations :
msalConfig: { auth: { clientId: clientID authority: ‘https://login.microsoftonline.com/tenantID’, validateAuthority: true, authorityMetadata: “”, knownAuthorities:[], redirectUri: “http://localhost:4200/”, postLogoutRedirectUri: ‘http://localhost:4200/’, navigateToLoginRequestUrl: false }, cache: { cacheLocation: “sessionStorage”, storeAuthStateInCookie: false },
NPM Packages used
Angular: 9.1.13 @azure/msal-angular: “^1.1.2”, msal: “^1.4.5”,
Source
- Internal (Microsoft)
- Customer request
Issue Analytics
- State:
- Created 3 years ago
- Reactions:1
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
msal-browserare the same thing. I see that you are using angular code, when you refer to “v2 being ready for production” are you alluding to the msal-angular library? Or the msal-browser library? The msal-browser library is already production ready and stable, you should be able to use it today. However if you would like to use the msal-angular v2 wrapper, we have just released the public preview. It will not be released fully until the public preview is completed, we will update with ETA as soon as we have a better idea of what other work needs to be done..catchblock to execute. This is most likely because the server cannot detect your session inside of the iframe, either due to the absence of cookies (possibly tied to new browser cookie protections), or another error that causing the ATS to fail. I recommend looking at the 2.x versions of the libraries, as the occurrences of refreshes using hidden iframes is greatly decreased.This issue has been closed due to inactivity. If this has not been resolved please open a new issue. Thanks!