[Feature Request] Support "spa_accountId" response parameter from STS #3994
Comments
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Is your feature request related to a problem? Please describe.
Azure Portal is working on a feature (called the WebNativeBridge) which enables it to use OS single sign-in state. This feature initializes MSAL.JS with a parameter "accountId" which is a handle into the native operation system instead of the normal OAuth authorization code parameter. When Azure Portal uses this feature in its "hybrid SPA" implementation, the server returns this parameter to the confidential client in the field "spa_accountId" instead of the existing parameter "spa_code". MSAL.JS needs to use this parameter to initialize itself.
Describe the solution you'd like
Like AuthResult.SPA_CODE, expose AuthResult.SPA_ACCOUNTID.
Describe alternatives you've considered
Alternatively, expose AuthResult.AdditionalParameters, so we can access AuthResult.AdditionalParameters["spa_accountId"].
Another alternative considered - putting spa code and spa accountid in the same field - does not work. Both codes and accountids are opaque. MSAL.JS needs to know whether the opaque value used to initialize it is an authorization code or an accountId.
Additional context
Part of zod.
** Algorithm **
Note ^^ that MSAL.NET does not make /authorization calls, it just formats the URL and using
WithExtraQueryParametersis sufficient here.The text was updated successfully, but these errors were encountered: