Open
Description
Core Library
MSAL.js (@azure/msal-browser)
Core Library Version
2.30.0
Wrapper Library
MSAL React (@azure/msal-react)
Wrapper Library Version
1.4.9
Public or Confidential Client?
Public
Description
With code snippet belwo:
import { useAccount, useMsal } from '@azure/msal-react';
const { instance, accounts } = useMsal();
const account = useAccount(accounts[0]);
const loginRequest = {
scopes: []
};
let response = await instance.acquireTokenSilent({
...loginRequest,
account
});
If no scopes are specified while getting the token, cache is not looked up even though tokens are cached. This is due to scope validation error at ScopeSet.ts#L77.
If scopes are mandatory then its better to fail acquireTokenSilent then behave in an unexpected way and cause avoidable API requests to Azure AD. If scopes are not mandatory then cache should be used.
Error Message
No response
MSAL Logs
No response
Network Trace (Preferrably Fiddler)
- Sent
- Pending
MSAL Configuration
export const msalConfig = {
auth: {
clientId: <>
authority: 'https://login.microsoftonline.com/<>',
redirectUri: <>
},
cache: {
cacheLocation: 'localStorage',
storeAuthStateInCookie: false
}
};Relevant Code Snippets
import { useAccount, useMsal } from '@azure/msal-react';
const { instance, accounts } = useMsal();
const account = useAccount(accounts[0]);
const loginRequest = {
scopes: []
};
let response = await instance.acquireTokenSilent({
...loginRequest,
account
});Reproduction Steps
- Use
acquireTokenSilentto get token with emptyscopes.
Expected Behavior
Cache should be used even with empty scopes.
Identity Provider
Entra ID (formerly Azure AD) / MSA
Browsers Affected (Select all that apply)
Edge
Regression
No response
Source
External (Customer)