-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Silent logout, login without cache token #4335
Comments
@bumbel42so We are currently working on a feature to improve the logout experience, and will have documentation when it is ready. In the meantime, you can try setting the browser cache location to |
@bumbel42so This issue has been automatically marked as stale because it is marked as requiring author feedback but has not had any activity for 5 days. If your issue has been resolved please let us know by closing the issue. If your issue has not been resolved please leave a comment to keep this open. It will be closed automatically in 7 days if it remains stale. |
@jo-arroyo I tried it with |
@bumbel42so The silent sign-out feature is committed but we don't have an ETA to share at the moment. We will link the pull request containing this feature when it is ready so that you can track its progress. New versions of our libraries are released on the first Monday of every month. |
Assigning to @hectormmg, who will be working on this. |
Core Library
MSAL.js v2 (@azure/msal-browser)
Core Library Version
2.20.0
Wrapper Library
MSAL Angular (@azure/msal-angular)
Wrapper Library Version
2.0.6
Description
Hi guys,
i have a little special use case: I have a signed in user in my application, but the app requires also an four eyes principle. So I have to aquire a token(which will be checked in backend) for a second user with prompt login.
This is where my problems start:
If i aquire the token for the second user, the second user stays logged in and i have to show the logout page where the second user must interactivate again.
Currently this is a security issue, because if logout is not properly executed it is possible to sign in to all microsoft services via SSO
So i look for a solution to aquire a token without being cached or an option to logout silent. Can you help me please?
MSAL Configuration
Relevant Code Snippets
Identity Provider
Azure AD / MSA
Source
External (Customer)
The text was updated successfully, but these errors were encountered: