This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Is it possible to make equivalent call to acquire tokens using msal library:
https://tenantname.b2clogin.com/tenantname.onmicrosoft.com/b2c_1a_signin/oauth2/v2.0/token
Headers:
grant_type: refresh_token
refresh_token: ey............
scope: .....
client_id: b2c_client_id
Basically what I am trying to do, App1 passes my App2 refresh_token, and I want to call acquiretoken using msal so that it generates client-side storage of token (cookies).
App1 is a native mobile app,
App2 is a spa web application
Please suggest if this is the best way to do it or is there any other way to avoid interactive-login when user moves from App1 to App2.
Thank you
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Anonymous ,
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,
Shweta
Hi @Anonymous ,
Thanks for reaching out.
If both of your applications are in one B2C tenant, then the best way to move between two applications without login is to configure Single Sign On.
You can control SSO behavior by using the below settings in Azure AD B2C:
If you are using User Flow, go to properties of the user flow and set below settings to either Tenant or Policy. If you set it to policy, SSO experience between both the applications will be provided when both applications are authenticated via same user flow.
If you are using a custom policy, you can set the above setting by configuring the SingleSignOn Scope to either Tenant or Policy in the RP file (signup/sign-in file).
<RelyingParty>
<DefaultUserJourney ReferenceId="SignUpOrSignIn" />
<UserJourneyBehaviors>
<SingleSignOn Scope="Tenant" KeepAliveInDays="30" />
<SessionExpiryType>Absolute</SessionExpiryType>
<SessionExpiryInSeconds>1200</SessionExpiryInSeconds>
</UserJourneyBehaviors>
Hope this will help.
Thanks,
Shweta
-----------------------------------------
Please remember to "Accept Answer" if answer helped you.
Hi Shweta,
Thank you for your response,
App1, has acquired the tokens using REST API calls not through Interactive login. Because login to App1, is through SSO from a federated identity provider (custom flow that we couldn't use MSAL library).
Because there was no webview utilized when App1 acquired tokens, acquireTokenSilent will not work on App2 because no local-storage (cookies) was created.
Can you please suggest in this case, is there any way I can acquire token on App2, without interactive login.
Thank you.
Thanks for the update.
You cannot share the token between two applications.
You have to acquire a token interactively on the App2, and the interactive flow will rely on AAD B2C session cookies to give the user Single Sign On.
Azure AD B2C doesn't control the federated identity provider session and session behavior is determined by the federated identity provider.
As mentioned, here, you need to maintain the session in the x-ms-cpim-sso:{Id} cookie which doesn't seem to be possible in your case as you have acquired token in App1 using federated identity provider.
Thanks,
Shweta
-------------------------
Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.