Closed jiasli closed 2 weeks ago
@jiasli , I believe the issue has been resolved. Can we mark this as done?
I believe the issue has been resolved. Can we mark this as done?
@fengga , was it fixed in the PyMsalRuntime 0.16.2a1? @jiasli , can you test that, too?
If I can get a confirmation from either of you, this issue will be closed by/after MSAL Python's next release which adopts the PyMsalRuntime 0.16.x
@fengga, could you provide more details on the root cause and how it is fixed?
This error is returned from WAM, and our code indicates it should be resolved by make a new interactive call (we are returning Response_Status.Status_InteractionRequired). If a new interactive call cannot resolve the issue, it is an issue in our team or WAM team. If you were asking why we received InteractionRequired, I'd say there would be so many reasons such as have not logged in for a long time or some security considerations. If you can collect WAM logs, WAM team can tell. @jiasli , I remember previously you changed your logic when seeing Status_InteractionRequired you should make a new interactively call, is that working? Are you still receiving such kind of errors?
Closing this issue per offline conversation.
Describe the bug WAM fails for MSA (Microsoft Account): AADSTS9002313: Invalid request. Request is malformed or invalid.
To Reproduce With
enable_pii_log
turned on (https://github.com/Azure/azure-cli/pull/28954):The token request for
organizations
is successful, but fails for a specific tenantTENANT_ID
.According to https://learn.microsoft.com/en-us/entra/identity-platform/reference-error-codes,
AADSTS9002313
seems to be caused by a request formatting issue on the client side:Expected behavior WAM should succeed for MSA.
What you see instead WAM fails for MSA
The MSAL Python version you are using
Additional context This issue may be related to https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4696, but the error message is different.