![]() Because the authentication redirect happens in a pop-up window, the state of the main application is preserved. If you don't want users to move away from your main application page during authentication, we recommend the pop-up method. The choice between a pop-up or redirect experience depends on your application flow: Redirect, by using acquireTokenRedirectĬhoose between a pop-up or redirect experience.Pop-up window, by using acquireTokenPopup.In these cases, you should invoke one of the interactive methods (which may prompt the user) to acquire tokens: More often, failures are due to the refresh token's 24-hour lifetime expiring and the browser blocking 3rd party cookies, which prevents the use of hidden iframes to continue authenticating the user. The silent token requests to Azure AD might fail for reasons like a password change or updated conditional access policies. ![]() For more information about single sign-on session and token lifetime values in Azure AD, see Token lifetimes. If the refresh token's 24-hour lifetime has expired, MSAL.js will open a hidden iframe to silently request a new authorization code, which it will exchange for a new, valid refresh token. ![]() ![]() When no valid token is in the cache, it attempts to use its refresh token to get the token. When this method is called, the library first checks the cache in browser storage to see if a valid token exists and returns it. The pattern for acquiring tokens for APIs with MSAL.js is to first attempt a silent token request by using the acquireTokenSilent method. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |