Azure AD + MSAL: Changing policies for auth without redirecting?

Miko Ademagic 1 Reputation point

I'm building a SPA with React + react-aad-msal. One of our signup flows is via email, which sends you a link that contains an id token hint and directs you from our app to the sign up page. Once you've filled out the form and submitted it, we'd like you to be signed in/authenticated when you enter the app. This works well if you stay on our sign up policy.

However, most of our app authenticates the user via the sign in policy. We conditionally check which policy should be passed to the MSAL auth config based on the user's state, i.e. if the user's entered from an invitation link, it will use the sign up policy. Once we return from the sign up page, we try to authenticate with the sign in policy and we can't retrieve a valid auth token. This means that our users Sign Up, then return to the app, then have to Sign In again.

Is there a recommended way to change policies in an SPA and be able to authenticate correctly, without being redirected to our policy's auth page? My ideal flow is that the user completes the Sign Up form which logs them in, and is able to use the app until they are logged out, at which point they will have to Sign In.

Azure Active Directory
Azure Active Directory External Identities

1 answer

  1. Alfredo Revilla (MSFT) 16,611 Reputation points Microsoft Employee

    Hello, the signup flow will return an id token and session token making the user effectively logged in. You should not need to call the signin flow again, and even then you should not be asked to re-authenticate thanks to the session token unless you're adding the prompt=login param to the call.

    Please let me know if you need more help. If the answer was helpful to you, please accept it and, optionally, provide feedback so that other members in the community can benefit from it.
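
The condition named in the answer (a `prompt=login` parameter forcing re-authentication despite an existing session) can be checked on the authorize requests an app sends for each policy. This is an added example, not code from the question or the answer; the tenant name, policy names, client ID, redirect URI and token values are constructed placeholders.

```javascript
// Constructed placeholders (assumptions, not values from the thread).
const TENANT = "contoso";
const CLIENT_ID = "00000000-0000-0000-0000-000000000000";
const REDIRECT_URI = "https://app.example.com/auth";

// Build an Azure AD B2C authorize URL for one policy (user flow).
// nonce and state must be fresh random values per request in real use.
function buildAuthorizeUrl(policy, { idTokenHint, prompt, nonce, state }) {
  const url = new URL(
    `https://${TENANT}.b2clogin.com/${TENANT}.onmicrosoft.com/${policy}/oauth2/v2.0/authorize`
  );
  const q = url.searchParams;
  q.set("client_id", CLIENT_ID);
  q.set("response_type", "id_token");
  q.set("response_mode", "fragment");
  q.set("redirect_uri", REDIRECT_URI);
  q.set("scope", "openid");
  q.set("nonce", nonce); // ties the returned id token to this request
  q.set("state", state); // lets the app reject responses it did not ask for
  if (idTokenHint) q.set("id_token_hint", idTokenHint); // invitation link case
  if (prompt) q.set("prompt", prompt);
  return url.toString();
}

// True when the request tells the service to ignore the existing session
// and ask for credentials again.
function forcesReauthentication(authorizeUrl) {
  return new URL(authorizeUrl).searchParams.get("prompt") === "login";
}

// Policy segment of an authorize URL, to confirm which flow a request targets.
function policyOf(authorizeUrl) {
  return new URL(authorizeUrl).pathname.split("/")[2];
}

// Sign up from an invitation link, then a later sign-in request with and
// without prompt=login.
const signUp = buildAuthorizeUrl("B2C_1_signup", {
  idTokenHint: "<invitation-id-token>", nonce: "n-1", state: "s-1",
});
const signIn = buildAuthorizeUrl("B2C_1_signin", { nonce: "n-2", state: "s-2" });
const forced = buildAuthorizeUrl("B2C_1_signin", {
  prompt: "login", nonce: "n-3", state: "s-3",
});

console.log(policyOf(signUp), forcesReauthentication(signUp));
console.log(policyOf(signIn), forcesReauthentication(signIn));
console.log(policyOf(forced), forcesReauthentication(forced));
```
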