MSAL token expires after 1 hour


Solution 1

Just to make a small clarification, MSAL doesn't actually issue tokens or decide a token expiration, but rather ingests an acquired token from the Azure AD STS.

MSAL will automatically refresh your access token after expiration when calling AcquireTokenSilentAsync. You're likely not getting automatic silent refreshes due to some kind of token cache miss. It's hard to say the specific issue without seeing your code, but I'll recommend comparing it against the official MSAL Xamarin code sample.

If you're building a Xamarin app, then it's a public client. The default token expirations right now are:

Access Tokens: 1 hour

Refresh Tokens: 90 days, 14 day inactive sliding window

Azure AD does allow you to configure these token expirations in PowerShell. You can define a token lifetime policy and then assign it to the specific Service Principal, across the tenant/organization, or on the application object. The other thing to keep in mind is if you're requesting a token for a specific resource, then the policy must be set on that resource rather than the requesting service principal or app. For more info on this, check out configuring token lifetime in Azure AD.
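The silent-first acquisition pattern the answer describes, written out as an added illustration (not code from the post or from the MSAL samples) against the current MSAL.NET builder API, where the post's AcquireTokenSilentAsync is the older name for AcquireTokenSilent(...).ExecuteAsync(); ClientId, TenantId, the scope list and the redirect URI are placeholder assumptions. It also logs the two symptoms worth checking when a prompt appears every hour: no cached account at all (a cache miss) versus MSAL explicitly reporting that interaction is required.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

public static class TokenHelper
{
    // Placeholders: substitute the values from your own app registration.
    private const string ClientId = "<your-client-id>";
    private const string TenantId = "<your-tenant-id>";
    private static readonly string[] Scopes = { "User.Read" };

    private static readonly IPublicClientApplication Pca =
        PublicClientApplicationBuilder.Create(ClientId)
            .WithAuthority(AzureCloudInstance.AzurePublic, TenantId)
            .WithRedirectUri($"msal{ClientId}://auth") // MSAL's Xamarin redirect convention
            .Build();

    // Try the token cache first; prompt only when MSAL says interaction is unavoidable.
    public static async Task<AuthenticationResult> GetTokenAsync(object parentActivityOrWindow)
    {
        IEnumerable<IAccount> accounts = await Pca.GetAccountsAsync();
        IAccount account = accounts.FirstOrDefault();

        if (account == null)
        {
            // No account in the cache: a silent call cannot succeed. If this fires
            // on every hourly refresh, the cache is not being persisted between calls.
            Console.WriteLine("MSAL cache miss: no cached account, prompting user");
            return await Interactive(parentActivityOrWindow);
        }

        try
        {
            AuthenticationResult result =
                await Pca.AcquireTokenSilent(Scopes, account).ExecuteAsync();
            // A cache hit returns the cached access token, or a fresh one obtained
            // with the refresh token once the 1-hour access token has expired.
            Console.WriteLine($"Silent acquisition OK, expires {result.ExpiresOn:u}");
            return result;
        }
        catch (MsalUiRequiredException ex)
        {
            // Refresh token missing, expired or revoked, or a policy requires interaction.
            Console.WriteLine($"Interaction required ({ex.ErrorCode}): {ex.Message}");
            return await Interactive(parentActivityOrWindow);
        }
    }

    private static Task<AuthenticationResult> Interactive(object parent) =>
        Pca.AcquireTokenInteractive(Scopes).WithParentActivityOrWindow(parent).ExecuteAsync();
}
```

If the logged error code on the hourly prompt points at a missing account rather than an expired refresh token, the problem is cache persistence on the device, not the token lifetimes.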

Solution 2

There was an issue with the TokenCache due to which token was not stored properly and I was getting an exception. This has been resolved in the newer versions of Xamarin Android. Bug defined here

Author: V. G.

Updated on June 09, 2022

Comments

  • V. G. (almost 2 years ago)

    I am using MSAL for Azure AD authentication in a Xamarin app. The validity of the token is 1 day (seen using the value of ExpiresOn of AuthenticationResult). My problem is that, after 1 hour, AcquireTokenSilentAsync fails and then AcquireToken needs to be called.

    I am not able to understand that even though the token validity is 1 day, and the validity of the refresh token is even more, why is it asking for authentication after every 1 hour? Can this be changed using any parameter value or any other way?