Skip to content

Undefined idTokenClaims after browser refresh #7654

New issue
New issue
Open
Open
Undefined idTokenClaims after browser refresh#7654
Labels
Needs: Attention 👋Awaiting response from the MSAL.js teambug-unconfirmedA reported bug that needs to be investigated and confirmedmsal-browserRelated to msal-browser packagemsal-reactRelated to @azure/msal-reactpublic-clientIssues regarding PublicClientApplicationsquestionCustomer is asking for a clarification, use case or information.
@slefved

Description

@slefved
slefved
opened on Mar 20, 2025

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

^4.7.0

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

^3.0.6

Public or Confidential Client?

Public

Description

Similar issue like #6690 and #6816 but Im using msal-react. idTokenClaims successfully obtained after login, but return undefined if browser refreshed.

Error Message

idTokenClaims undefined

MSAL Logs

no verbose level logs

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

{
  auth: {
    clientId: [clientId],
    authority: 'https://[tenant].ciamlogin.com/',
    redirectUri: 'http://localhost:5173',
    postLogoutRedirectUri: '/',
    navigateToLoginRequestUrl: true,
  },
  cache: {
    cacheLocation: BrowserCacheLocation.LocalStorage,
    storeAuthStateInCookie: false,
  },
}

Relevant Code Snippets

const msalInstance = new PublicClientApplication(msalConfig);

await msalInstance.initialize();

if (!msalInstance.getActiveAccount() && msalInstance.getAllAccounts().length > 0) {
  msalInstance.setActiveAccount(msalInstance.getActiveAccount()[0]);
}

msalInstance.addEventCallback(async (event) => {
  if (event.eventType === EventType.LOGIN_SUCCESS && event.payload.account) {
    const account = event.payload.account;
    msalInstance.setActiveAccount(account);
  }
});

createRoot(document.getElementById('root')).render(
  <MsalProvider instance={msalInstance}>
    <MsalAuthenticationTemplate
      interactionType={InteractionType.Redirect}
      authenticationRequest={{ scopes: [] }}
    >
      <App />
    </MsalAuthenticationTemplate>
  </MsalProvider>
)



export default function App() {
  const { instance } = useMsal();
  const { idTokenClaims } = instance.getActiveAccount();
  console.log(idTokenClaims); // undefined
  return (
    <h1>Hello</h1>
  )
}

Reproduction Steps

  1. Open website and will be directed to Entra login page.
  2. Input credential and login.
  3. Successfully loggedin and redirected. idTokenClaims is obtained in App component.
  4. Refresh the page and idTokenClaims is undefined

Expected Behavior

idTokenClaims obtain even after browser refreshed.

Identity Provider

Entra ID (formerly Azure AD) / MSA

Browsers Affected (Select all that apply)

Chrome

Regression

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    Needs: Attention 👋Awaiting response from the MSAL.js teambug-unconfirmedA reported bug that needs to be investigated and confirmedmsal-browserRelated to msal-browser packagemsal-reactRelated to @azure/msal-reactpublic-clientIssues regarding PublicClientApplicationsquestionCustomer is asking for a clarification, use case or information.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions