Microsoft-authentication-library-for-js: Renewal of IdToken
I'm using Msal for Azure B2C authentication & API authorization. When using acquireTokenSilent for the Id Token (scope being the application id). It always resolves unless the id_token has expired. A renewal never resolves and leaves an error in the console that cannot be caught (doesn't even have a stacktrace).
Uncaught (in promise) Please call ResolveEndpointsAsync first
I can see the HTTP request to openid-configuration being resolved in my network logs, so I don't really get why ResolveEndpointsAsync is causing issues. The acquire process is started, since I can see msal_acquireTokenUser entries pile up in the sessionStorage & I also see the msalIdTokenFrame being an empty Iframe (since it has no url assigned to it)
AccessTokens to for my API scopes are being renewed properly.
Am I doing something wrong, or is this a bug in the library? If the latter, any ETA on a new release resolving this? Or if available a quick workaround that I can implement?
WardGubbi
All 5 comments
I'm also stuck on this.
trbngr
on 21 Jul 2017
authContext.acquireTokenSilent(ad.scopes, null, authContext.getUser())
@WardGubbi passing authority as null to the acquireTokenSilent constructor will force it to reuse the AuthorityInstance to contains the tenant information. Otherwise a new instance is created without the endpoints.
Hope that made sense. 馃槣
Short story, pass authority as null.
trbngr
on 21 Jul 2017
Makes total sense! Thanks @trbngr
WardGubbi
on 21 Jul 2017
Closing this issue as it is resolved by the application above.
rohitnarula7176
on 10 Aug 2017
For those coming across this issue from Google, the current way to renewing an IdToken is slightly different as far as I can tell. According to the comments in the code base, the standard is to call the acquireTokenSilent and pass the clientId of the app as the only scope:
const clientId = 'xxxxxxxxxxxxxxxxxxxxx';
const authParameters = { scopes: [clientId] }
const response = await authContext.acquireTokenSilent(authParameters);
AndrewCraswell
on 24 Aug 2019
Related issues
adriannasui
路
3Comments
ssuvorov
路
3Comments
yakimko
路
3Comments
ninio
路
3Comments
AbhaysinghBhosale
路
3Comments
Most helpful comment
authContext.acquireTokenSilent(ad.scopes, null, authContext.getUser())@WardGubbi passing
authorityas null to theacquireTokenSilentconstructor will force it to reuse theAuthorityInstanceto contains the tenant information. Otherwise a new instance is created without the endpoints.Hope that made sense. 馃槣
Short story, pass
authorityas null.