Microsoft API timeouts for SSO requests from 3rd party website

Miles 0 Reputation points
2024-09-18T10:43:29.4533333+00:00

HI MS community,

Many of my team and clients are having issues logging into Broadcom/VMWare's VCO SDWAN orchestrators ,which use MS SSO services via login.microsoftonline.com. It times out more often than not.

Broadcom are saying this is a known Microsoft API issue and Microsoft must be engaged to resolve, but we have another website with similar SSO setup that is not having these issues & many of our clients use their own MS Azure tenancies in different regions, so no common set of virtual machines here.

We have seen via https://graph.microsoft.com/ an event: "

"code":"InvalidAuthenticationToken","message":"Access token is empty.","innerError"

"

Is there a known MS API issue related to SSO authentication services? I cannot find anything online.

Appreciate any help on this.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,797 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Raja Pothuraju 6,510 Reputation points Microsoft Vendor
    2024-09-25T16:00:08.6633333+00:00

    Hello @Miles,

    Thank you for posting your query on Microsoft Q&A.

    Based on your description, I understand that you're experiencing issues with Broadcom/VMware SD-WAN Orchestration. When attempting to log in, you're encountering timeouts. After contacting the Broadcom team, they indicated that the issue stems from the Microsoft side, based on an API call.

    I noticed that you have a similar setup with another application where you're able to log in without any timeouts. If there were an ongoing issue with the Graph API, it would affect all applications utilizing it, not just one. Based on your description, this issue seems isolated to a single application, and after checking internally, I can confirm that there are no ongoing issues with Microsoft's Graph API.

    Regarding the error message: "code":"InvalidAuthenticationToken","message":"Access token is empty.","innerError", this indicates that Microsoft Graph API did not receive an access token. This typically occurs when the application fails to request an access token, which suggests an issue with the app’s implementation, not Entra ID.

    Entra ID only provides tokens; it is the application's responsibility to request and renew tokens during authorization.

    If you're still stuck on this, you can feel free to send me an email at AzCommunity@microsoft.com referencing this issue with a subject line "ATTN:pothurajur" include a link to the current thread.

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Thanks,
    Raja Pothuraju.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.