Clear the token cache using MSAL.NET

Web API and daemon apps

There is no API to remove the tokens from the cache. Cache size should be handled by setting eviction policies on the underlying storage. See Cache Serialization for details on how to use a memory cache or distributed cache.

Desktop, command line and mobile applications

When you acquire an access token using the Microsoft Authentication Library for .NET (MSAL.NET), the token is cached. When the application needs a token, it should first call the AcquireTokenSilent method to verify if an acceptable token is in the cache.

Clearing the cache is achieved by removing the accounts from the cache. This does not remove the session cookie which is in the browser, though. The following example instantiates a public client application, gets the accounts for the application, and removes the accounts.

private readonly IPublicClientApplication _app;
private static readonly string ClientId = ConfigurationManager.AppSettings["ida:ClientId"];
private static readonly string Authority = string.Format(CultureInfo.InvariantCulture, AadInstance, Tenant);

_app = PublicClientApplicationBuilder.Create(ClientId)
                .WithAuthority(Authority)
                .Build();

var accounts = (await _app.GetAccountsAsync()).ToList();

// clear the cache
while (accounts.Any())
{
   await _app.RemoveAsync(accounts.First());
   accounts = (await _app.GetAccountsAsync()).ToList();
}

To learn more about acquiring and caching tokens, read acquire an access token.