Skip to content

Azure B2C invalid_instance #7687

New issue
New issue
Open
Open
Azure B2C invalid_instance#7687
Labels
Needs: Author FeedbackAwaiting response from issue authorb2cRelated to Azure B2C library-specific issuesbug-unconfirmedA reported bug that needs to be investigated and confirmedmsal-angularRelated to @azure/msal-angular packagemsal-browserRelated to msal-browser packageno-issue-activityIssue author has not responded in 5 dayspublic-clientIssues regarding PublicClientApplicationsquestionCustomer is asking for a clarification, use case or information.
@cheoalfredo

Description

@cheoalfredo
cheoalfredo
opened on Apr 4, 2025

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

4.8.0

Wrapper Library

MSAL Angular (@azure/msal-angular)

Wrapper Library Version

4.0.7

Public or Confidential Client?

Public

Description

when setting msaljs for an angular standalone app for azure B2C, i set the authority to "https://tenant.b2clogin.com/tenant.onmicrosoft.com/policy/" and i keep getting the following error :

[email protected] : Warning - A CloudInstanceDiscoveryErrorResponse was returned. The cloud instance discovery network request's status code is: 400

[email protected] : Error - The CloudInstanceDiscoveryErrorResponse error is invalid_instance.

and the respective 400 from the get to the endpoint discovery

https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://xxxx.b2clogin.com/xxxx.onmicrosoft.com/b2c_xxxx/oauth2/v2.0/authorize

Image

i tried using the authority with the format "https://instance/tfp/tenant/policy" as per recommedation in PublicClientApplication.ts and it does not work either.

Image

please help, i also tried v3 and v4 in an standalone app (angular19) and the same issue

Error Message

[email protected] : Warning - A CloudInstanceDiscoveryErrorResponse was returned. The cloud instance discovery network request's status code is: 400

[email protected] : Error - The CloudInstanceDiscoveryErrorResponse error is invalid_instance.

MSAL Logs

No response

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

{ 
  auth: {
        clientId: '<client_id>',
        authority: 'https://<tenant>.b2clogin.com/<tenant>.onmicrosoft.com/B2C_mypol',
        knownAuthorities: ['<tenant>.b2clogin.com'],
      },
}

Relevant Code Snippets

loginRedirect() {
    if (this.msalGuardConfig.authRequest) {
      this.authService.loginRedirect({
        ...this.msalGuardConfig.authRequest,
      } as RedirectRequest);
    } else {
      this.authService.loginRedirect();
    }
  }

Reproduction Steps

  1. setup msaljs according to documentation (sample) in https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-angular-samples/angular-standalone-sample
  2. set authority, clientid and knownAuthorities for msalConfig
  3. Run the app

Expected Behavior

navigate ti azure bc2 to login the user

Identity Provider

Azure B2C Basic Policy

Browsers Affected (Select all that apply)

Chrome, Firefox, Edge

Regression

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    Needs: Author FeedbackAwaiting response from issue authorb2cRelated to Azure B2C library-specific issuesbug-unconfirmedA reported bug that needs to be investigated and confirmedmsal-angularRelated to @azure/msal-angular packagemsal-browserRelated to msal-browser packageno-issue-activityIssue author has not responded in 5 dayspublic-clientIssues regarding PublicClientApplicationsquestionCustomer is asking for a clarification, use case or information.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions