Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow Prompt.None when acquiring a token after logging in #2065

Open
ravindu-edg opened this issue Mar 22, 2024 · 4 comments
Open

Allow Prompt.None when acquiring a token after logging in #2065

ravindu-edg opened this issue Mar 22, 2024 · 4 comments
Labels
Enhancement This is a feature request to add functionality that is not currently supported

Comments

@ravindu-edg
Copy link

I use MSAL in an app that supports login and edit profile features via Azure B2c. However, when the user logs in and tries to go to edit their profile via a different Policy, they are asked to enter the password again.

Is there a way to avoid this second login by perhaps setting "Prompt.None" or &prompt=none when calling the acquireToken() method in the SDK.

I have already tried

All the available Prompt types and not adding a prompt at all
Passing a token (from silent token acquisition) as a id_token_hint query parameter to acquire token
It seems that the .Net and Web SDKs have the ability to pass prompt=none but we are not able to do that with the native app sdks. Is there a possibility of adding this to the mobile SDKs? Also, would setting this allow the user to skip the second login?

@negoe
Copy link
Contributor

negoe commented Mar 26, 2024

@ravindu-edg This is functioning as anticipated. You will experience Single Sign-On (SSO), once you've completed the sign-in process, you will not need to sign in again for the Profile Edit journey.

Here's how to verify this:

  1. Initiate a new browser session and complete the sign-in process.
  2. In a new tab, navigate to the Profile Edit page by pasting its link. Ensure you remove the prompt=login query parameter from the URL.
  3. Upon accessing the link, you'll be directed immediately to your profile modification page, bypassing the sign-in page.

@ravindu-edg
Copy link
Author

Hi @negoe, the issue is that I'm unable to remove the prompt=login query parameter from the URL when using the SDK.

When I omit the withPrompt value as below, I still get &prompt=select_account in the URL.

val params = AcquireTokenParameters.Builder()
            .startAuthorizationFromActivity(activity)
            .fromAuthority(authority)
            .withScopes(listOf(BuildConfig.B2C_SCOPE))
            //.withPrompt(Prompt.LOGIN)
            .withCallback(authenticationCallback)
            .build()
        client.acquireToken(params)

@negoe
Copy link
Contributor

negoe commented Apr 8, 2024

@ravindu-edg Thank you for the clarification. I confirmed with our team, that as of today, we do not offer support for prompt=none. This is recognized as a request for a new feature. We will monitor the demand for this requirement closely and consider prioritizing it in the future should more customers express a need for it.

@negoe negoe added the Enhancement This is a feature request to add functionality that is not currently supported label Apr 8, 2024
@VolodaUa
Copy link

VolodaUa commented Jul 6, 2024

@ravindu-edg
Hi,

If i am not mistaken, you can reach the desired result by using this function - forAccount. The account you can get from library (application class)

https://learn.microsoft.com/en-us/java/api/com.microsoft.identity.client.tokenparameters.builder?view=azure-java-stable#com-microsoft-identity-client-tokenparameters-builder-foraccount(iaccount)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Enhancement This is a feature request to add functionality that is not currently supported
Projects
None yet
Development

No branches or pull requests

3 participants