Microsoft-authentication-library-for-js: AADSTS50196: The server terminated an operation because it encountered a loop while processing a request

@abishekreddy Can you please expand more on the specific context you are facing this issue? A minimal reproduction with the relevant code sample (initialization of MSAL library, login and acquireToken calls etc and anything else) to further understand the issue.

In general, filling the below section in the new issue format is very helpful.

Minimal reproduction of the problem with instructions

This error code is seen in Safari if the user enables "Prevent cross-site tracking" setting. Toggling that setting off, loading the site will then work, and then re-enabling the setting allows things work for a while until presumably some credential expires and things fail again.

@abishekreddy @vbora Can you please refer to Known Issues in Safari and see if it helps. This is something we cannot resolve in MSAL at this point and we provided workarounds for the same in the above link.

I am facing this same issue into chrome with Windows 10. any idea where it's going wrong ?

@GopalZadafiya Can you share us some sample code?

I have the same issue when opening Office 365 for the first time
AADSTS50196: The server terminated an operation because it encountered a loop while processing a request.

My customer has the same issue last Friday. However I can't reproduce this.

I use adal-angular to implement authentication (https://www.npmjs.com/package/adal-angular). Here is my code:
`var isAuthenticated = function () {
var deferred = (q as any).defer();

if (!_adal._renewActive && !_oauthData.isAuthenticated) {
    if (!_adal._getItem(_adal.CONSTANTS.STORAGE.FAILED_RENEW)) {
        // Idtoken is expired or not present
        _adal.acquireToken(_adal.config.loginResource, function (error, tokenOut) {
            if (error) {
                _adal.error('adal:loginFailure', 'auto renew failure');
                AppInsight.trackTrace("Auto renew failure");
                AppInsight.trackException(error, { additionalMessage: 'Auto renew failure' });
                deferred.reject();
            }
            else {
                if (tokenOut) {
                    _oauthData.isAuthenticated = true;
                    deferred.resolve();
                }
                else {
                    AppInsight.trackTrace("Tokenout is null");
                    deferred.reject();
                }
            }
        });
    }
    else {
        deferred.resolve();
    }
}
else {
    deferred.resolve();
}

return deferred.promise;

}

var makeRequest = function (settings) {
var deferred = (q as any).defer();

var xhr = new XMLHttpRequest();
xhr.onreadystatechange = function () {
    if (this.readyState === 4) {
        if (this.status === 200) {
            deferred.resolve(this.response);
        }
        else if (this.status >= 400) {
            deferred.reject();
        }
    }
}
xhr.open(settings.method || 'GET', settings.url, true);

for (var header in settings.headers) {
    xhr.setRequestHeader(header, settings.headers[header]);
}

xhr.responseType = settings.dataType || 'json';
xhr.send(settings.data);

return deferred.promise;

}

export var adalRequest = function (settings) {
var deferred = (q as any).defer();
AppInsight.trackTrace(Start authenticate with settings: ${settings && JSON.stringify(settings)});

isAuthenticated().then(function () {
    var resource = _adal.getResourceForEndpoint(settings.url);

    if (!resource) {
        _adal.info('No resource configured for \'' + settings.url + '\'');
        deferred.reject();
        return deferred.promise;
    }

    var tokenStored = _adal.getCachedToken(resource);
    if (tokenStored) {
        if (!settings.headers) {
            settings.headers = {};
        }

        settings.headers.Authorization = 'Bearer ' + tokenStored;

        makeRequest(settings).then(deferred.resolve, deferred.reject);
    }
    else {
        var isEndpoint = false;

        for (var endpointUrl in _adal.config.endpoints) {
            if (settings.url.indexOf(endpointUrl) > -1) {
                isEndpoint = true;
            }
        }

        if (_adal.loginInProgress()) {
            _adal.info('Login already in progress');
            AppInsight.trackTrace('Login already in progress');
            deferred.reject();
        }
        else if (isEndpoint) {
            _adal.acquireToken(resource, function (error, tokenOut) {
                if (error) {
                    deferred.reject();
                    _adal.error(error);
                    AppInsight.trackException(error, { additionalMessage: `Acuire token failed for resource: ${resource}` });
                }
                else {
                    if (tokenOut) {
                        _adal.verbose('Token is available');
                        if (!settings.headers) {
                            settings.headers = {};
                        }
                        settings.headers.Authorization = 'Bearer ' + tokenOut;
                        makeRequest(settings).then(deferred.resolve, deferred.reject);
                    }
                }
            });
        }
    }
}, function () {
    _adal.login();
})
return deferred.promise;

}`

@sameerag - A lot of people seem to be facing this issue. Can we re-open it? .

Based on my analysis, the issue seems to happen when two or more API calls are made at the same time with an expired token. When the library tries to fetch new token (One for each call), this error is displayed.

Note: This happens on all browsers but its more frequent on Edge (Something to do with the sequencing of network calls maybe?).

Same error when i added MS Stream video player to my Angular page

@abishekreddy Sure. Thanks for the inputs.
cc @jasonnutter Do you think this is same as throttling issue?

Correct, if you get this error, it is because your requests are being throttled, which is due to making too many request in a short period of time. This can be mitigated by reducing the number of tokens you are requesting, and/or ensuring that you are retrieving tokens from the cache.

You can read more information about this error here: https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-breaking-changes#march-2019

We are working to make changes to our library to help avoid this error, and are planning to have a new version with these improvements soon.

Update on this issue: We are working to add mitigations in MSAL.js for this issue for certain scenarios (note, these improvements will not be added to ADAL.js). Unfortunately, we have found that there is only so much we can do from the library perspective to prevent this error, as it is often a result of improper usage of the library, either by making too many requests in a short period of time, and/or not properly leveraging the caching mechanisms the library provides, which exist to help prevent this error.

If you are receiving this error, we will need to determine 1) which ADAL/MSAL library you are using, and 2) what may be causing your application to make so many requests, and why those requests aren't using previously cached tokens. For most use cases, we expect improved usage of the library in these regards will help prevent these errors.

We'll post an update when have made more progress, thanks!

I'm facing the same problem opening Azure Machine Learning Studio in Chrome. Sometimes I'm able to sign in but after a short time the error pops up.

@AlbQuist I would recommend reporting that to Azure support, so that the relevant engineering teams can investigate (as you don't use MSAL directly inside of the Azure ML Studio, correct?).

This is the first search result on DDG when searching for AADSTS50196. I have a customer getting this trying to sign in with the WVD webclient.
https://rdweb.wvd.microsoft.com/webclient/index.html

Whatever the root cause is, it is affecting MSFT apps the same as custom apps.

@wjdavis5 Correct, we've heard of a number of 1st party Microsoft applications that have experienced this error. Internal MSFT teams should file an internal ticket with "eSTS" to start the triage and mitigation process.

Hi, I am getting this error from the Azure training website. https://www.microsoft.com/en-us/learning/azure-exams.aspx

It blows up as soon as I touch any exam and it tries to log me in.

Running Chrome on OSX 10.15.2

@jasonnutter A current example for you.

@johnmccrae Thanks, I'll find out who owns that site and let them know.

Closing this issue, as we are working on building proper throttling mechanisms into the library, e.g. #1338