MSAL - disable the Azure Login Popup

dev dev 1 Reputation point
2021-02-20T10:46:27.3+00:00

Hi, I have a question regarding an application that uses Azure Authentication using MSAL. When using MSAL in an application (via typescript/ javascript) a popup/ prompt appears for the user the enter their username and password (similar to the screenshot attached). ![70188-azure-b2c-angular-4.png][1] After providing the details, a number of properties are set in HTML 5 local storage. The significance of this is that when the user next logs into the application, they do no need to provide their username and password again, thus the prompt does not appear. This is a "acquiring the token silently". One of the things I'm looking for is whether to acquire the token silently (i.e. to login via Azure) without the popup appearing, on the first launch of the application. Is there any way of achieving this via using MSAL? thanks. [1]: /api/attachments/70188-azure-b2c-angular-4.png?platform=QnA

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,082 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. AmanpreetSingh-MSFT 56,441 Reputation points
    2021-02-23T06:17:59.01+00:00

    Hi @dev dev · Thank you for reaching out.

    For acquiring tokens using MSAL.js, the library first attempt a silent token request by using the acquireTokenSilent method and checks the cache in browser storage to see if a valid token exists and returns it. If no valid token is in the cache, it sends a silent token request to Azure Active Directory (Azure AD) from a hidden iframe which allows the library to renew tokens. However, if no valid Azure AD Session exists, silent token request fails and user can be either provided with a login popup or redirect.

    In your case, at the first launch of the application, when no valid token in the cache or valid Azure AD Session is found, silent token request fails and you are presented with the login popup but subsequent logins work without login popup.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

  2. testuser7 271 Reputation points
    2021-07-21T16:23:24.403+00:00

    @AmanpreetSingh-MSFT

    I am asking in this same thread as my point is similar but not totally same.

    Before I get back to the app-vendor, I want to make sure that I prescribe what is possible from our Azure-AD point of view.

    Matter is, my windows 10 session has currently 3 PRTs (one of those is of course for my account used to unlock device)
    There is a Zscaler desktop app. When this app is trying to sign me in, it is showing me the AAD popup

    We want to make sure that Zscaler does NOT show this popup and picks the PRT that is for the account used to unlock device.
    There is a big security hole if Zscaler does not automatically pick the account.

    Any suggestion is highly appreciated.

    Thanks.

    0 comments No comments