Can't construct an IdTokenResponse from a AuthResponse that has a token type of "access_token

Hey all, I’ve had the same issue and at least on my end its an error on the token refresh. When the token is cached, it had the wrong token type causing a failure. Temp fix that is working for me is to set forceRefresh: true in the authenticationParameters

const authenticationParameters = {
   scopes: [clientId, etc],
   state: location.href.replace(location.hash,""),
   forceRefresh: true
}

UPDATE: In some instances the forceRefresh: true will cause an authentication failure due to a “client auth loop”. This is an error returned from Microsoft when an app requests too many tokens in a short time span (details here)

Apps making multiple requests (15+) in a short period of time (5 minutes) will receive an invalid_grant error explaining that they are looping. The tokens being requested have sufficiently long-lived lifetimes (10 minutes minimum, 60 minutes by default), so repeated requests over this time period are unnecessary.

The real issue lies in the token refresh. When the silent token call caches the token, the token_type is not refreshed. This causes a conditional check to fail in this library. https://github.com/syncweek-react-aad/react-aad/blob/5015337ef1eaa6d29822b207ddd2efeedc28caef/packages/react-aad-msal/src/IdTokenResponse.ts#L11

The real issue will be solving the token cache issue, but in the mean time, a better fix I am using is to patch the dependency directly to check if a token exists rather than for the tokenType. (You can add better logic to check if an idToken exists in the object if you want to be really safe).

if (!response.tokenType) {

This is the library I used for the patch: https://github.com/ds300/patch-package#readme