Not able to login with Personal accounts MSAL #7570

Open
@ayush4computing

Core Library

MSAL Node (@azure/msal-node)

Core Library Version

1.17.3

Wrapper Library

Not Applicable

Wrapper Library Version

NA

Public or Confidential Client?

Confidential

Description

We are currently not able to log in with a personal Microsoft account. Earlier it was working fine, and we haven't made any code changes. Earlier it was working fine, but now we are seeing this issue.
Our old personal accounts are still working fine, but the newly created accounts are seeing the problem.

Error Message

This is the error that we are getting

req.body [Object: null prototype] {
error: 'server_error',
state: 'eyJzdWNjZXNzUmVkaXJlY3QiOiIvIn0='
}

ClientAuthError: request_cannot_be_made: Token request cannot be made without authorization code or refresh token.

MSAL Logs

No response

Network Trace (Preferably Fiddler)

  • Sent
  • Pending

MSAL Configuration

const endpoint = 'https://login.microsoftonline.com/common/discovery/instance';

This is the endpoint that we are using

Relevant Code Snippets

handleRedirect(options = {}) {
    return async (req, res, next) => {
        if (!req.body || !req.body.state) {
            return next(new Error('Error: response not found'));
        }

        try {
            // Rebuild the token request from the session and the posted authorization code
            const authCodeRequest = {
                ...req.session.authCodeRequest,
                code: req.body.code,
                codeVerifier: req.session.pkceCodes.verifier,
            };

            const msalInstance = this.getMsalInstance(this.msalConfig);

            // Restore the per-session token cache, if one exists
            if (req.session.tokenCache) {
                msalInstance.getTokenCache().deserialize(req.session.tokenCache);
            }

            // Redeem the authorization code for tokens
            const tokenResponse = await msalInstance.acquireTokenByCode(authCodeRequest, req.body);

            req.session.tokenCache = msalInstance.getTokenCache().serialize();

            req.session.account = tokenResponse.account;
            req.session.isAuthenticated = true;

            const state = JSON.parse(this.cryptoProvider.base64Decode(req.body.state));

            this.acquireToken({
                scopes: ['Test.ReadWrite'],
                redirectUri: REDIRECT_URI,
                successRedirect: POST_LOGOUT_REDIRECT_URI
            })(req, res, next);
        } catch (error) {
            // Any failure sends the user back to the post-logout page
            console.log(error);
            res.redirect(POST_LOGOUT_REDIRECT_URI);
        }
    };
}

Reproduction Steps

  1. Log in with a personal Microsoft account
  2. It redirects back to the login page

Expected Behavior

It should log in the user with a personal account

Identity Provider

Entra ID (formerly Azure AD) / MSA

Browsers Affected (Select all that apply)

Chrome

Regression

No response
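
The posted body in the error message carries `error: 'server_error'` and no `code`, while the handler passes `req.body.code` straight to `acquireTokenByCode`. The following is an added example, not the reporter's code and not an MSAL API, that classifies the redirect body before any token request is made. `classifyRedirectBody`, `decodeState`, the return shape and a session-stored `expectedState` are assumptions.

```javascript
// Added example: hypothetical helpers, not the reporter's code and not part of MSAL.
// They classify the form_post body the redirect route receives, so an identity
// provider error is surfaced instead of being redeemed as if it were a code.

// Constructed sample: the request body shown in the error report above.
const SAMPLE_ERROR_BODY = {
    error: 'server_error',
    state: 'eyJzdWNjZXNzUmVkaXJlY3QiOiIvIn0=',
};

function decodeState(state) {
    // State is base64-encoded JSON in this app; treat it as untrusted input.
    try {
        const parsed = JSON.parse(Buffer.from(String(state), 'base64').toString('utf8'));
        return parsed && typeof parsed === 'object' ? parsed : null;
    } catch {
        return null;
    }
}

function classifyRedirectBody(body, expectedState) {
    if (!body || typeof body.state !== 'string') {
        return { kind: 'invalid', reason: 'missing state' };
    }
    // Assumption: expectedState is the value the app stored in the session
    // when it started the sign-in; a mismatch means the response is not ours.
    if (body.state !== expectedState) {
        return { kind: 'invalid', reason: 'state mismatch' };
    }
    const state = decodeState(body.state);
    if (!state) {
        return { kind: 'invalid', reason: 'undecodable state' };
    }
    // OAuth 2.0 error response: `error` is set and there is no code to redeem.
    if (typeof body.error === 'string') {
        return {
            kind: 'idp_error',
            error: body.error,
            description: body.error_description || null,
            state,
        };
    }
    if (typeof body.code !== 'string' || body.code.length === 0) {
        return { kind: 'invalid', reason: 'no code and no error' };
    }
    return { kind: 'code', code: body.code, state };
}
```

Only a result of kind `code` should reach `acquireTokenByCode`; logging the `idp_error` fields keeps the provider's own error visible instead of the later `request_cannot_be_made` exception.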

Labels

  • Needs: Attention 👋: Awaiting response from the MSAL.js team
  • bug-unconfirmed: A reported bug that needs to be investigated and confirmed
  • confidential-client: Issues regarding ConfidentialClientApplications
  • msal-node: Related to msal-node package
  • question: Customer is asking for a clarification, use case or information.