Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

useIsAuthenticated hook returning true when token is expired

See original GitHub issue

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.32.0

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

1.5.0

Public or Confidential Client?

Public

Description

I’m using the useIsAuthenticated() hook to render specific components when a user is signed in with a valid session. When the token expires, useIsAuthenticated() returns true.

Error Message

InteractionRequiredAuthError: interaction_required: AADSTS70044: The session has expired or is invalid due to sign-in frequency checks by conditional access. Trace ID: c6c8ef47-fefa-4c22-a062-0c711089dc00 Correlation ID: b72a73fe-3359-44ca-b770-8eaab110d757

Msal Logs

No response

MSAL Configuration

{
  auth: {
    clientId: '',
    authority: '',
    redirectUri: window.location.origin
  },
  cache: {
    cacheLocation: 'localStorage',
    storeAuthStateInCookie: false 
  }
}

Relevant Code Snippets

import { useIsAuthenticated } from '@azure/msal-react'
const IsAuthenticated = useIsAuthenticated()

export default function MyComponent () {
  return (
     IsAuthenticated === true
       ? Valid Session
       : Invalid Session
  )
}

Reproduction Steps

Wait for the token to expire
Log the return value of useIsAuthenticated()

Expected Behavior

useIsAuthenticated() should be returning false when a session is invalid.

Identity Provider

Azure AD / MSA

Browsers Affected (Select all that apply)

Chrome

Regression

No response

Source

External (Customer)

Issue Analytics

State:
Created 9 months ago
Comments:12 (1 by maintainers)

Top GitHub Comments

1reaction

hectormmgcommented, Dec 7, 2022

@kvargha thanks for raising the issue.

The useIsAuthenticated hook is designed to return true when there is a user account in the cache, meaning the user is “Authenticated” in your application. It doesn’t reflect the state of validity of any of the related tokens, which determine whether or not the user is “Authorized”.

If you want to determine if the user is authorized, please use the useMsalAuthentication hook or MsalAuthenticationTemplate instead. Thanks!

0reactions

kvarghacommented, Dec 21, 2022

Thank you @tnorling! This is exactly what I needed. I’ll be closing the issue now.