Token call are block in hidden iframes Angular 8+

Question

Configuration:
    "@azure/msal-angular": "^1.1.2",
    "msal": "^1.4.4",
    "rxjs": "~6.4.0",
     Angular 8+


export const msalConfig: Configuration = {
  auth: {
    clientId: environment.msalModule.clientID,
    authority: environment.msalModule.authority,
    redirectUri: environment.msalModule.redirectUri,
    validateAuthority: true,
    postLogoutRedirectUri: environment.msalModule.redirectUri,
    navigateToLoginRequestUrl: true
  },
  cache:
  {
    cacheLocation: 'localStorage',
  }
}

export const angularConfig: MsalAngularConfiguration = {
  popUp: false,
  consentScopes: [
    'user.read',
    environment.msalModule.appScope
  ],
  protectedResourceMap: protectedResourceMap
}

I have Angular application with above configuration. I'm using MsalInterceptor from msal-angular library. After login in microsoft window I'm redirect to application where I recive error: "Token calls are block in hidden iframe" and after this one another "Token renewal failed due to timeout". Problem is with acquireTokenSilent mehod which failes. I saw more people had this problem and this is describe here: https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/1194. This error exist even if user has token in localStorage. I thought that maybe it's just warning and i can catch error and act as user who is logged in but no because somethimes useractually doesn't have token and then app crush. Is there anyone who had similar problem and deal with that?

Answer 1

The error occurs when detecting that your application is calling acquireTokenSilent on page load inside of that iframe, in order to prevent any bad side effects as a result (e.g. endlessly trying to acquire tokens). The suggestion as listed in this thread is to not call acquireTokenSilent on page load when there is hash in the url and your app is inside an iframe.