Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BrowserAuthError: monitor_window_timeout when using ssoSilent in combination with MFA #7576

Open
2 tasks
DavidVollmers opened this issue Feb 18, 2025 · 0 comments
Open
2 tasks

BrowserAuthError: monitor_window_timeout when using ssoSilent in combination with MFA #7576

DavidVollmers opened this issue Feb 18, 2025 · 0 comments
Labels
b2c Related to Azure B2C library-specific issues bug-unconfirmed A reported bug that needs to be investigated and confirmed msal-browser Related to msal-browser package msal-react Related to @azure/msal-react Needs: Attention 👋 Awaiting response from the MSAL.js team public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.

Comments

@DavidVollmers
Copy link

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

3.26.1

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

2.1.1

Public or Confidential Client?

Public

Description

I switched from Azure B2C user policies to Identity Experience Framework using custom policies (based on the starter pack) and noticed that I now received a monitor_window_timeout error.

Since I couldn't find anything helpful in the troubleshooting I investigated the whole scenaro and found the following:

The authentication request done by the iFrame was running into the MFA orchestration step of the custom policy which made it timeout:

<!-- Phone verification: If MFA is not required, the next three steps (#5-#7) should be removed.
             This step checks whether there's a phone number on record,  for the user. If found, then the user is challenged to verify it. -->
<OrchestrationStep Order="7" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>isActiveMFASession</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="PhoneFactor-Verify" TechnicalProfileReferenceId="PhoneFactor-InputOrVerify" />
  </ClaimsExchanges>
</OrchestrationStep>

Not sure if this is intended or not but at least it is not documented.

I simply removed the orchestration step and it worked again but still wanted to highlight this for transparency...

Error Message

monitor_window_timeout

MSAL Logs

No response

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

...

Relevant Code Snippets

...

Reproduction Steps

...

Expected Behavior

...

Identity Provider

Azure B2C Custom Policy

Browsers Affected (Select all that apply)

Chrome

Regression

No response
@DavidVollmers DavidVollmers added bug-unconfirmed A reported bug that needs to be investigated and confirmed question Customer is asking for a clarification, use case or information. labels Feb 18, 2025
@github-actions github-actions bot added b2c Related to Azure B2C library-specific issues msal-browser Related to msal-browser package msal-react Related to @azure/msal-react public-client Issues regarding PublicClientApplications labels Feb 18, 2025
@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: Attention 👋 Awaiting response from the MSAL.js team label Feb 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
b2c Related to Azure B2C library-specific issues bug-unconfirmed A reported bug that needs to be investigated and confirmed msal-browser Related to msal-browser package msal-react Related to @azure/msal-react Needs: Attention 👋 Awaiting response from the MSAL.js team public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DavidVollmers