New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to populate getAccount
silently
#1387
Comments
@arsnyder16 You can silently SSO to an existing AAD/MSA session by calling We are working to add this as a new top-level API, |
Yea I am trying to avoid tracking a loginHint, my best guess is to store something in local storage from the last known session and try to use that. That won't be super reliable. If i am understanding correctly |
now that i look at the details of the PR, All it is doing is passing the clientId for you but you already had to initialzie the UserAgentApplication with the correct clientId anyway. I guess its just to avoid confusion with calling acquireTokenSilent when you really just want to login? |
Just to elaborate on my use case since the PR does have a discussion around requiring loginHint. My use case is really to just try and identify any open session so i can show the sign out button, but i can see down the road the need to show an identity chooser directly in my UI. For example if i am showing a list of files from the users one drive. They might be using their personal and business identities. It would be a better experience for me to have a drop down control so they can easily switch between accounts. Currently i would need to show a popup window and have the user choose through the Microsoft interface. |
@arsnyder16 Correct, |
@jasonnutter What if there is only 1 active session? It seems logical to that it could be retrieved without a login hint I think it would be a good feature to allow the client to the library to retrieve all the active sessions. So they can build interfaces and constructs based on them. As I mention above |
@jasonnutter For more context. We have a commercial application that has both web and desktop(mac/win) interfaces, similar to Office. We are integrating with different cloud repositories, onedrive/google drive/dropbox etc. So a user may choose to open one of our files from onedrive or they may choose google drive. They may also do a combination of both. For our desktop components we are using embedded CEF to handle some of these integration pieces so that we can share as much logic as possible with the web versions. When opening the desktop application you may already have a valid cookie (choosing yes on the do you want to stay signed in page) and be able to create implicitly authorize with MSAL/OneDrive/Microsoft Graph. We would like to supply our users with an interface to show them what account are currently active, it may be a list that is combination of different providers maybe a google identity, a onedrive for business identity and a onedrive personal identity. Within that list we want to allow them to log out or see more details of the individual identities. In order to build all this it would be very helpful if msal would supply a way to get all active sessions and furthermore switch and log out of individual ones. I am sort of piecing it all together currently, but with some enhancements to MSAL.JS it could be a little more straight forward. |
The problem is that your application cannot know for sure that there is only one currently active session before calling MSAL. We are planning on adding multiple account support to MSAL (ETA next quarter, I believe), which I believe will solve this use case. |
@jasonnutter Great! Yea that will be beneficial. Is there a work item that i can follow? |
@arsnyder16 You can follow #1082 |
Closing issue |
Please follow the issue template below. Failure to do so will result in a delay in answering your question.
Library
msal@1.x.x
or@azure/msal@1.x.x
@azure/msal-browser@2.x.x
@azure/msal-angular@0.x.x
@azure/msal-angular@1.x.x
@azure/msal-angularjs@1.x.x
Description
I am trying to silently populate UserAgentApplication account object silently without requiring a login (
loginPopup
,loginRedirect
). MSAL is a secondary feature so i do not want to require a login.If i call
acquireTokenSilent
without aloginHint
it will error.If i hard code the loginHint everything works as expected. Is it possible to allow the library to traverse all logged in accounts? Similar how to the login/logout interfaces support multiple accounts.
My use case is sort of specific in that all i want to know is if there is any active account so i can show a signout button, but it would be a nice feature of the Library to be able to get all those accounts.
Examples:
The text was updated successfully, but these errors were encountered: