Unable to renew token with adal.js
I'm using Javascript (without Angular) to add AAD authentication to my single page web app. The initial login works fine, but after an hour, the token expires, and I am unable to renew it with acquireToken. I've tried calling acquireToken when I am still logged in with my clientID and it works fine, but after the token expires, I can't renew it. It fails with "Token renewal operation failed due to timeout".
After the token expires, I ran this:
// ADALContext created from calling new AuthenticationContext
// passed in same clientID to acquire token as to create ADALContext
ADALContext.acquireToken(clientID, function (error, token) {console.log(error, token)})
I've enabled oauth2AllowImplicitFlow in AAD.
"keyCredentials": [],
"knownClientApplications": [],
"logoutUrl": null,
"oauth2AllowImplicitFlow": true,
"oauth2AllowUrlPathMatching": true,
Not sure what step I'm missing. Thank you!
Edit: Right after the token expires, if I run acquireToken(clientID, func), I get "User login is required". However, if I call getCachedUser, I get a user back, after which calling acquireToken returned the timeout error.
Actually, adal for js will cache the login info into session storage or local storage in browser, depends your configuration in code. You can use chrome's develop tool to have a glance of this table:
So the cachaed user is decoded from adal.idtoken. So you can get the cached user. And according the source code of acquireToken, it will check whether the login user is exist before renew the access token, which will raise the User login is required issue.
To bypass this issue, you can run getCachedUser() function before run acquireToken() for renewing an access token.
- Error: AADSTS50058: A silent sign-in request was sent but no user is signed in - Angular ADAL authentication issue in mobile safari browser
- How to acquire Azure management token and call HTTP in .NET for Azure B2C domain name availability check?
- How can I ensure a domain name isn't already taken before creating Azure B2C tenant?
- Azure react sample gives "invalid_request: The provided value for the input parameter 'redirect_uri' is not valid"
- AuthenticationContext error with MFA AADSTS50076
- How to extract the token expiration time with the System.IdentityModel.Tokens.Jwt package
- OneDrive API - Refer to Sharepoint file to upload or download - invalid audience error
- Azure AD Authentication Error: User Cancelled the flow
- What format is the exp (Expiration Time) claim in a JWT
- How to verify JWT id_token produced by MS Azure AD?
- How can I use my Azure AD app from another tenant?
- How can I trigger admin consent flow for a native multitenant app?
- OAuth 2.0 Authorization Code Grant without secret
- X-Frame-Option DENY error when AAD sign-in in office add-in
- Unable to acquire token silently or via redirect using msal-browser
- How to avoid pop up tag in browser while getting access token with using MSAL in python
- Azure PowerShell Login: browser based authentication dialog failed to complete
- How to convert this code to scala (using adal to generate Azure AD token)
- How do I check to see if my AzureAD version is V1 or V2?
- Graph SDK OAUTH ADAL client credentials for reuse? later
- How to connect to Microsoft Dataverse API Endpoint with Python
- Not clearing token when logging out using Angular, MSAL and Azure AD B2C
- ADAL and MSAL confusion
- Automatic token refresh after 1 hour . React-adal
- Update claims in ClaimsPrincipal
- CompactToken parsing failed with error code: 80049217 when using passport library to access Microsoft Graph API
- AcquireTokenSilent always Failed to acquire token silently
- Can I use acquireTokenByclientCredential using PublicClientApplication
- [NodeJs Upgrading from ADAL to MSAL]: Cannot create property 'authenticationScheme' on string
- Invalid signature while validating Azure ad access token, but id token works