microsoft-authentication-library-for-dotnet: Silent authentication call results in unexpected network call
Which Version of MSAL are you using ? MSAL.NET 3.0.8
Platform net45
What authentication flow has the issue?
- Desktop / Mobile
- Silent
Is this a new or existing app? This is a new app or experiment.
Repro Please see the following command line app which is a simplified model of how we are using MSAL: https://gist.github.com/mjcheetham/d3faa36325beef54527a5434e6445ddb
The specific offending code is line 80:
app.AcquireTokenSilent(Scopes, account).ExecuteAsync()
Running the application once will perform an interactive authentication and store the AT/RT in a cache at %UserProfile%\.gettoken\msal.cache (using MSAL’s cache extensibility APIs).
Running the application a second time will perform a silent authentication for the same user as previous.
Expected behavior No web call is performed (unless the access token has expired).
Actual behavior An instance discovery web call is made.
Possible Solution Unknown.
Additional context/ Logs / Screenshots
Fiddler shows the following request:
…with the following response:
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Reactions: 1
- Comments: 17 (10 by maintainers)
@stevehurcombe , I’ve added the scenarios for mobile as well.
So to confirm this wont work for the Azure B2C case because the authority host is something like this: {tenantName}.b2clogin.com?
If so, then I take it there would have to be a code adjustment to support the the vast array of URLs rather than just the provided list from this comment: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/1174#issuecomment-509664673