In one of my React projects, I am using react-aad-msal for authentication. But it seems that I am having the following issue:

  1. The first time I try to log in, it works
  2. After one hour the token expires and I can't access the app
  3. I need to clear the cache/browser history and re-run the React app to access the page again

Has anybody experienced similar issues? Here is what the authProvider.js file looks like:

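import { LoginType } from 'react-aad-msal';

// clientId and authority are defined elsewhere (not shown in the post)
const config = {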
  auth: {
    authority: `https://login.microsoftonline.com/${authority}`,
    clientId,
    validateAuthority: false,
    redirectUri: window.location.origin,
  },
  cache: {
    cacheLocation: 'localStorage',
    storeAuthStateInCookie: true,
  },
};

const authenticationParameters = {
  scopes: ['profile', 'offline_access'],
};

const options = {
  loginType: LoginType.Redirect,
  tokenRefreshUri: `${window.location.origin}/auth.html`,
};

Thanks in advance for the help.

saon
  • The token expiration token timeout should have been set at 3600 seconds and the refresh token isn't getting issued to extend the access token. Please check once. – Kartik Bhiwapurkar Dec 02 '21 at 14:06
  • Yes, there is a timeout set so that the token expires, and the token should renew again, but why doesn't it? – saon Dec 02 '21 at 14:23
  • Hey, thanks for the comments. I think we have the correct setup in the Azure portal, but the actual problem was that the latest react-aad-msal version doesn't work as intended; downgrading the package solved our problem. – saon Dec 10 '21 at 10:45
  • Hey, sorry, that didn't solve the issue. We had similar configurations in our app registrations, but the thing is that we need to downgrade the react-aad-msal library for successful token renewal. – saon Dec 22 '21 at 12:45

1 Answer

Please check for any conditional access policy that is assigned to your application's authentication and sign-in mechanism. If such a policy is applied to your app's service principal, your organization, or your application, then it will take precedence over the default values for refresh token timeout and issuance, as well as for the access token.

[Image: Azure AD Conditional Access Policy]

Thus, to check the authentication session controls for conditional access in Azure AD, please check the session control settings configured in Security --> Conditional Access as given below, as these settings define the refresh token and session behavior:

Also, ensure that certain settings in the conditional access policy, like Sign-in frequency control and persistent browser session control, are correctly set or not enabled in your policy according to your requirement. Please find the reference images below for the configuration of these settings:

[Images: Sign-in frequency policy; Persistent browser session]

Please refer to the links below for more details:

https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-session-lifetime

https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-session

Kartik Bhiwapurkar
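
The check described in the answer can also be run over exported policy data instead of clicking through the portal. The following is an added example, not code from the question or the answer: it assumes policy objects shaped like Microsoft Graph's `conditionalAccessPolicy` resource (`GET /identity/conditionalAccess/policies`), and the sample policies, the `APP_ID` placeholder and the helper names are constructed for illustration.

```javascript
// Flag Conditional Access policies whose session controls (sign-in frequency,
// persistent browser) can override default session/token behaviour for one app.
const APP_ID = '00000000-0000-0000-0000-000000000001'; // placeholder client ID

const samplePolicies = [ // constructed sample, not real tenant data
  { displayName: 'Reauth every hour', state: 'enabled',
    conditions: { applications: { includeApplications: ['All'], excludeApplications: [] } },
    sessionControls: { signInFrequency: { isEnabled: true, value: 1, type: 'hours' } } },
  { displayName: 'No persistent browser', state: 'enabled',
    conditions: { applications: { includeApplications: [APP_ID] } },
    sessionControls: { persistentBrowser: { isEnabled: true, mode: 'never' } } },
  { displayName: 'Report-only frequency', state: 'enabledForReportingButNotEnforced',
    conditions: { applications: { includeApplications: [APP_ID] } },
    sessionControls: { signInFrequency: { isEnabled: true, value: 7, type: 'days' } } },
  { displayName: 'Excluded app', state: 'enabled',
    conditions: { applications: { includeApplications: ['All'], excludeApplications: [APP_ID] } },
    sessionControls: { signInFrequency: { isEnabled: true, value: 4, type: 'hours' } } },
  { displayName: 'MFA only', state: 'enabled',
    conditions: { applications: { includeApplications: ['All'] } },
    sessionControls: null },
];

function appliesToApp(policy, appId) {
  const apps = (policy.conditions && policy.conditions.applications) || {};
  const included = apps.includeApplications || [];
  const excluded = apps.excludeApplications || [];
  if (excluded.includes(appId)) return false; // exclusion wins over inclusion
  return included.includes('All') || included.includes(appId);
}

function findSessionOverrides(policies, appId) {
  const findings = [];
  for (const p of policies) {
    if (p.state === 'disabled' || !appliesToApp(p, appId)) continue;
    const sc = p.sessionControls || {};
    const enforced = p.state === 'enabled'; // report-only policies are listed but not enforced
    if (sc.signInFrequency && sc.signInFrequency.isEnabled) {
      const { value, type } = sc.signInFrequency;
      findings.push({ policy: p.displayName, control: 'signInFrequency', setting: `${value} ${type}`, enforced });
    }
    if (sc.persistentBrowser && sc.persistentBrowser.isEnabled) {
      findings.push({ policy: p.displayName, control: 'persistentBrowser', setting: sc.persistentBrowser.mode, enforced });
    }
  }
  return findings;
}

console.log(findSessionOverrides(samplePolicies, APP_ID));
```

An enforced `signInFrequency` finding with a short interval is the first thing to compare against the point at which the app stops renewing its session.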