AzureAD / microsoft-authentication-library-for-js

Microsoft Authentication Library (MSAL) for JS
http://aka.ms/aadv2
MIT License

How can we get the token from msalInstance.acquireTokenRedirect? #3110

Closed elliott-with-the-longest-name-on-github closed 3 years ago

elliott-with-the-longest-name-on-github commented 3 years ago

Description

Hey there!

I read in the documentation (or maybe in another GitHub issue? can't remember) that we shouldn't be calling msalInstance.handleRedirectPromise() when using the React library, as that's handled behind the scenes. (Thank you, by the way -- it's great to have that abstracted away.)

However, I can't seem to figure out how I'm supposed to retrieve the response from msalInstance.acquireTokenRedirect() in the React library.

The following example with the popup method works (a bit of pseudocode to keep it brief):

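```js
// useMsal() returns an object ({ instance, accounts, inProgress }), so destructure by name
const { instance } = useMsal();
// assume we've tried silently refreshing already and it's failed...
const authResponse = await instance.acquireTokenPopup();
const authToken = authResponse.accessToken;
```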

This works because acquireTokenPopup returns a Promise<AuthenticationResponse>.

However, the following does not work:

```js
// useMsal() returns an object ({ instance, accounts, inProgress }), so destructure by name
const { instance } = useMsal();
// assume we've tried silently refreshing already and it's failed...
const authResponse = await instance.acquireTokenRedirect(); // returns void
const authToken = authResponse.accessToken; // There's nothing in authResponse
```

This is because acquireTokenRedirect returns a Promise<void>. How are we supposed to access the token from the redirect flow?

It would actually be nice to have some documentation on the redirect flow and how it interacts with the React MSAL library in general.

tnorling commented 3 years ago

@tcc-sejohnson The React FAQ calls out this exact scenario. We will also be working on more comprehensive docs on working with redirects before GA.

Generally, if all you need is the token you should call acquireTokenSilent each time you need to use a token. It will retrieve a token from the cache if you've previously retrieved it from acquireTokenRedirect. If you really need to get the response directly from the redirect API you can add an event callback that listens for the LOGIN_SUCCESS event with interactionType: Redirect. The payload will be the same response object that would be returned by handleRedirectPromise.

For an example of how this is done in a real app you can take a look at our B2C sample which registers an event callback to be run on an error.

elliott-with-the-longest-name-on-github commented 3 years ago

> The React FAQ calls out this exact scenario. We will also be working on more comprehensive docs on working with redirects before GA.

Ah, thanks -- that's what I was looking for. I'd somehow read that and remembered the "don't use handleRedirectPromise" and forgotten the part about registering callbacks.

> Generally, if all you need is the token you should call acquireTokenSilent each time you need to use a token. It will retrieve a token from the cache if you've previously retrieved it from acquireTokenRedirect.

Yep! If I understand correctly, the only scenario in which this fails (assuming we're not talking about network errors and the like) is when the cached refresh token is expired? In that case, we would have to fall back to acquireTokenRedirect or acquireTokenPopup, correct?

tnorling commented 3 years ago

Generally yes, the expired RT is the most common reason for an error thrown from acquireTokenSilent. However, there are many kinds of errors that can be thrown from acquireTokenSilent, including network errors, so we generally recommend you fall back to acquireTokenRedirect or acquireTokenPopup when it fails. If you just care about errors that are a direct cause of requiring interaction, you can specifically catch the interaction_required error.
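
The silent-first pattern with a redirect fallback described in this thread, as an added example that is not part of the original discussion or the MSAL project's code. `getAccessToken`, its `interactionErrorsOnly` option and `makeStubInstance` are hypothetical names, the stub stands in for the MSAL instance so the code runs offline, and treating `consent_required` and `login_required` like `interaction_required` is an assumption of this example.

```javascript
// Error codes that mean "the user must interact". "interaction_required" is
// the one named in the thread; the other two are an assumption of this example.
const INTERACTION_CODES = new Set(["interaction_required", "consent_required", "login_required"]);

// Returns an access token, or null when a redirect was started. Call it every
// time a token is needed instead of keeping the token in app state.
// `instance` is the object from `const { instance } = useMsal()`.
async function getAccessToken(instance, request, { interactionErrorsOnly = false } = {}) {
  try {
    // Cache hit or silent refresh: no navigation, the response is returned directly.
    const response = await instance.acquireTokenSilent(request);
    return response.accessToken;
  } catch (err) {
    const needsInteraction = INTERACTION_CODES.has(err && err.errorCode);
    // Optionally surface network/config errors to the caller instead of
    // sending the user through a sign-in redirect that cannot fix them.
    if (interactionErrorsOnly && !needsInteraction) throw err;
    // Resolves to void because the page navigates away. After the round trip
    // the token is in the cache, so the next call takes the silent path above.
    await instance.acquireTokenRedirect(request);
    return null;
  }
}

// Constructed stand-in for the MSAL instance (records which methods ran).
function makeStubInstance(silentError) {
  const calls = [];
  return {
    calls,
    async acquireTokenSilent() {
      calls.push("silent");
      if (silentError) throw silentError;
      return { accessToken: "constructed-token" };
    },
    async acquireTokenRedirect() {
      calls.push("redirect");
    },
  };
}
```
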
