I can't get accessToken via requireTokenSilent @azure/msal-browser

Question

I'm recently trying to get accessToken from AzureADB2C with "acquireTokenSilent Flow". I'm using @azure/msal-browser and my app is React. So, now my code is like this.

    const getTokenRedirect = async (account, apiConfig) => {
        publicClient.acquireTokenSilent({
            scopes: apiConfig.scopes,
            account: account,
            authority: apiConfig.authority,
        }).then(tokenResponse => {
            console.log(tokenResponse);
            setAccessToken(tokenResponse.accessToken);
        }).catch(async (error) => {
            console.log(error);
        });

    }

Then this code response refresh token, not accessToken. I have no idea why acquireTokenSilent didn't response accessToken. I did get idToken from ADB2C. And another sample (msal.js vanilla Sample) got accessToken. So I think B2C setting is correct. My code has some problems.

Does anybody know solution for like this.

apiConfig = URI +scopes (I set my app on app registry panel on this uri is exposed . and scopes is set also at scopes panel. It's like https://[mywebapplicationURI]/[scopes] . This one is not b2c policy URL. But I got refresh token anyway. — denshita, Jan 09 '21 at 13:47
Can [this](https://stackoverflow.com/a/64417515) answer your question? — Tiny Wang, Jan 10 '21 at 10:14
Hi Tiny-wa. Thank you for your comment. I found this issue https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/2315 . I think this problem is same of mine. — denshita, Jan 10 '21 at 14:58
okay, the link you provided also gives a solution that using both acquireTokenSilent and acquireTokenRedirect. Hope you to solve it soon. — Tiny Wang, Jan 11 '21 at 01:28

score 1 · Answer 1 · answered Jan 13 '21 at 14:58

1

This is caused by the version of msal-browser, and the accessToken cannot be returned in versions after 2.1.0.

It is a known issue of the B2C service currently tracked here, and Microsoft should fix it in the future.

answered Jan 13 '21 at 14:58

Carl Zhao

8,543
2
11
19

score 0 · Accepted Answer · answered Jan 02 '22 at 00:45

I'm using @azure/msal-browser version 2.20.0 and am getting an access token now that I have configured the request passed to acquireTokenSilent correctly. Check that any scopes included in the request use the full path name of the scope, not just the short name. In my case I have an API permission which I see in Azure AD B2C is named https://MYAPPNAME.onmicrosoft.com/MYAPPNAME-development/demo.read, so the scope name needs to be set to that long name, not the short version of just demo.read.

I can't get accessToken via requireTokenSilent @azure/msal-browser

2 Answers2

Linked