MSAL get_accounts() method correctly returns the account id, but only 'username' has an empty value.

Question

hello, I am using MSAL for python.

I have created an AADB2C tenant, added user:taro, and registered the application. I defined app1.

app1 = msal.ConfidentialClientApplication(client_id=CLIENT_ID, authority=AUTHORITY, client_credential=CLIENT_SECRET, token_cache=cache)

and get url.

app1.get_authorization_request_url([], state=None, redirect_uri=REDIRECT_PATH)

The URL obtained in the above code is used to transition to the login screen and have user/taro log in. The code is obtained from the query of the returned URL, and the code is used.

token = app1.acquire_token_by_authorization_code(code=code['code'], scopes=SCOPE, redirect_uri=REDIRECT_PATH).

The cache was serialized as follows

cache = cache.serialize()

Here is the question.

• I used acquire_token_silent as follows, but nothing is returned, is this normal behavior?

result = app1.acquire_token_silent(scopes=SCOPE, account=None)

print(result)
  None

• I then further instantiated a ConfidentialClientApplication with a deserialized cache and used get_accounts(), but home_account_id, local_account_id, etc. The information for user:taro is displayed correctly, but only the username is returned empty. What is the cause and how can I get the username of taro to be returned?

Can someone please help me?
thank you.

Translated with www.DeepL.com/Translator (free version)

Answer 1

@Satoshi Ono (aixtal) , acquire_token_silent will return None in case of an error. To get error details, call acquire_token_silent_with_error.

Regarding null username, this is known issue with Azure AD B2C. The simplest work-around is to avoid passing a username param to get_accounts and filter them by different criteria.

Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing similar issues can more easily find a solution.