InteractionRequiredAuthError: AADSTS50058: A silent sign-in request was sent but no user is signed in.

Nisha Thakur 36 Reputation points
2020-06-20T04:08:08.543+00:00

I have used the "@azure/msal-angular": "^1.0.0" library in my Angular project (v9). But for the Safari browser (v13.1.1) as well as iOS devices (13+) I get the following error:

InteractionRequiredAuthError: AADSTS50058: A silent sign-in request was sent but no user is signed in.

Any help will be appreciated.


3 answers

  1. Marilee Turscak-MSFT 33,801 Reputation points Microsoft Employee
    2020-06-26T23:40:08.377+00:00

    Hi @Nisha Thakur ,

    If it's working fine in other places but having issues in Safari and iOS devices, it's possible that this is happening due to browser extension cookie blockers and third-party cookies being disabled.

    Please check out the solutions presented in the troubleshooting guide for this error:

    Reason for AADSTS50058
    The reason that the error occurs is because a silent sign in is sent to the login.microsoftonline.com endpoint, however the AADSSO cookie isn't being detected. This cookie determines if the user is logged in or not. The silent sign in is only meant to be used if the user is already known to be logged in or has a refresh token to exchange for a new access token.

    By checking the KMSI box the first time logging in, this will add the KMSI cookie to let you refresh your access token so that users won't receive this error for a longer period of time.

    Possible Resolution #1 Proactively Check for Expiration
    You can attempt to prevent this error from ever occurring by checking if you have a valid ID token. If your ID token is not valid, you will ask the user to log in again. You can check if the ID token is valid by getting the token using AuthenticationContext.getCachedToken(clientID) and then checking the expiration in the JWT token.

    Possible Resolution #2 Catching the Error and Asking the User to Login Again
    To resolve this error you will need to catch this error in a callback that you can pass into the acquireToken ADAL JS function. If the AADSTS50058 error occurs, you'll ask the user to log in again.

    Possible Resolution #3 Browser Extension Cookie Blockers and Third Party Cookies Disabled
    Some users may experience this issue due to a browser extension that is blocking cookies for tracking purposes. This will cause this AADSTS50058 error to occur; you will need to whitelist the login.microsoftonline.com endpoint in your browser extension in order to avoid receiving this error again.

    This error can also occur if the third party cookies have been disabled in your browser. Re-enable third party cookies in your browser to prevent this error from occurring.

    3 people found this answer helpful.
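
Resolutions #1 and #2 from the answer above, combined in an added example that is not part of the original answer or of the ADAL/MSAL libraries. `acquireSilent` and `loginInteractive` are hypothetical callbacks standing in for the app's own auth-library calls, `SKEW_SECONDS` is an assumed margin, and the sketch runs under Node (in a browser, replace `Buffer` with `atob`).

```javascript
// Added example; acquireSilent, loginInteractive and SKEW_SECONDS are hypothetical names.
const SKEW_SECONDS = 300; // assumed safety margin before expiry

// Read a JWT's claims without verifying the signature. Fine as a client-side
// expiry hint; never use the result for an authorization decision.
function decodeJwtPayload(token) {
  const parts = String(token || '').split('.');
  if (parts.length !== 3) return null;
  try {
    const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
    return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  } catch (e) {
    return null; // malformed payload segment
  }
}

// Resolution #1: is the cached ID token still valid at nowSec (Unix seconds)?
function idTokenUsable(token, nowSec) {
  const claims = decodeJwtPayload(token);
  return !!claims && typeof claims.exp === 'number' && claims.exp - SKEW_SECONDS > nowSec;
}

// Resolution #2: does this error mean "no session, the user must sign in"?
function needsInteraction(err) {
  if (!err) return false;
  const codes = ['interaction_required', 'login_required', 'consent_required'];
  return err.name === 'InteractionRequiredAuthError' ||
    codes.includes(err.errorCode) ||
    /AADSTS50058/.test(String(err.message || err.errorMessage || ''));
}

// Skip the silent call when the token is stale, and fall back to interactive
// sign-in only for interaction errors; every other failure is rethrown.
async function getToken({ cachedIdToken, acquireSilent, loginInteractive, nowSec }) {
  if (!idTokenUsable(cachedIdToken, nowSec)) return loginInteractive();
  try {
    return await acquireSilent();
  } catch (err) {
    if (needsInteraction(err)) return loginInteractive();
    throw err;
  }
}

// Constructed sample token (unsigned, for this demo only).
function makeSampleToken(exp) {
  const seg = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${seg({ alg: 'none' })}.${seg({ sub: 'constructed-user', exp })}.sig`;
}
```

Rethrowing non-interaction errors keeps network or configuration failures from turning into repeated login prompts.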

  2. Rahul Ramesh 6 Reputation points
    2020-09-03T06:58:23.263+00:00

    Hi,
    Came across this page while searching for resolutions for the same problem, but in Chrome browser.
    Apparently the solution was lying in the very last line of the answer from MarileeTurscak: "This error can also occur if the third party cookies have been disabled in your browser. Re-enable third party cookies in your browser to prevent this error from occurring."

    I was using Chrome browser in Incognito mode.
    And the default settings for Chrome say "Block third-party cookies in Incognito".
    Changed this to "Allow all cookies" and that is all that was required!

    Thanks MarileeTurscak!

    1 person found this answer helpful.

  3. testuser7 271 Reputation points
    2022-10-26T14:02:52.75+00:00

    @Marilee Turscak-MSFT

    I have third-party cookies allowed in my Chrome. In fact, I have added [*.]microsoftonline.com in "Sites that can always use cookies".

    However still I am getting AADSTS50058 on Chrome. I am NOT getting this error on Edge while hitting EXACT SAME URL shown below.

    https://login.microsoftonline.com/5abbc4c8-c6a0-4211-b75f-b372350510/oauth2/v2.0/authorize?client_id=309426cc-4483-4ee5-aba9-a057a4d49938
    &response_type=code&scope=api://11adcfe4-5b3d-47c2-82c5-2654c70e179c/myscope1 offline_access&redirect_uri=https://jwt.ms&nonce=23493&prompt=none&login_hint=testuser26@mylabtenant.onmicrosoft.com

    Thanks.