Microsoft-authentication-library-for-js: Performance issues after acquireTokenSilent

@MariuszKogut We are working on a new version of the library that sandboxes the app loaded in the iframe (which prevents the JS in the frame from loading) and allows you to set a redirect page that doesn't include any content or have MSAL included (i.e. a simple/blank page). Please try it out and let us know how it works for you: [email protected]

Update: we have discovered some issues with this beta, and will have a new version soon. Will keep you updated.

@MariuszKogut we had a similar performance concerns in our application. And currently as a quick workaround which works perfectly in our case I can suggest you to not bootstrap the application in the iframe if it's possible in your case.

To do that you need to find the entry point in your application (I'm not a React expert, we are developing an Angular app), but I assume it should be something like this:

ReactDOM.render(
  App,
  document.getElementById('root')
);

Now you need to determine whether you in the iframe or not and based on this information decide whether to bootstrap the application or not:

if (window.parent === window) {
    // The entry point to your application
} else {
    let config = {
        // Your MSAL config
    };

    let context = new Msal.UserAgentApplication(config);

    context.handleRedirectCallback((error) => {
        console.error(`MSAL Frame error: ${error}`);
    });
}

@MariuszKogut A new version of the beta has been released: [email protected]

Unfortunately, we had to disable the sandboxing of the iframe, but this version still allows you to use a redirect page that is dedicated to MSAL (and it doesn't have to include MSAL or any other content on it).

Please let us know if you have any feedback!

@anton-gorbikov

Now you need to determine whether you in the iframe or not and based on this information decide whether to bootstrap the application or not:

Thanks - this works for me to reduce the "pain" of our problem.

@jasonnutter

Unfortunately, we had to disable the sandboxing of the iframe, but this version still allows you to use a redirect page that is dedicated to MSAL (and it doesn't have to include MSAL or any other content on it).

Is there a documentation that describes how I can use a dedicated page to MSAL? As I understood so far, I have to initialize MSAL to process the callback by Azure Ad.

@mariuszkogut Not yet, we'll have that posted soon.

@jasonnutter currently I am seeing full app reloads (in the iframe) on every single acquireTokenSilent call. Is this the default behavior or should this just happen occasionally (i.e. if a new token is acquired)?

@jannikbuschke This should only happen when a new token is acquired, and should not happen every time. Can you please open a separate issue detailing your usage? Thanks!

Closing this issue, as it's been some time and I'm assuming the issue has been resolved. Feel free to open a new issue if you have further questions.

This should be resolved with the latest beta.4 release in npm. Please test it and let us know how it works. In case the issue still persists, please open a new issue.