MSAL.net is not handling dual headed accounts that share the same UPN for both an MSA and an AAD account. #4425
Comments
iulico-1
added
untriaged
bgavrilMS
added
bug
P2
WAM
public-client
not_cpp_wrapper_issue
and removed
untriaged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Library version used
4.57.0
.NET version
6.0.416
Scenario
PublicClient - desktop app
Is this a new or an existing app?
The app is in production, and I have upgraded to a new version of MSAL
Issue description and reproduction steps
Currently MSA passthrough doesn't work as expected for silent token acquisition flows because MSAL.net normalizes /organizations authority using accounts home tenant. This logic made sense for V1 requests, but it breaks MSA passthrough flows using the runtime.
Relevant code snippets
No response
Expected behavior
Application using /organizations can request ATs using MSA passthrough accounts
Identity provider
Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
Regression
No response
Solution and workarounds
No response
The text was updated successfully, but these errors were encountered: