-
Notifications
You must be signed in to change notification settings - Fork 328
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] Login problems points to no internet connection #4721
Comments
If MSAL is not updated and this started happening suddenly, it usually points to an Entra Id service endpoint issue. |
Thanks @trwalke . If in doubt, mark it as bug please... |
@marionoack - can you please verify whether this is still happening? |
@localden Yes, last friday on my computer and another colleague on other location (different provider, during Teams call => connection available): 2024-05-17 12:12:17 - Error - True MSAL 4.60.3.0 MSAL.Desktop 4.8 or later Windows 10 Pro [2024-05-17 10:12:17Z] [RuntimeBroker] WAM_network_error_3400007680 WAM Error |
@marionoack @localden Any WAM error from following Facility AA3, AA7, AA8 (ex: 0xCAA70004, 0xCAA70007, 0xCAA3012C, 0xCAA80000) corresponds to network environment configuration issue. Error Code: 3400007680 corresponds to 0xCAA80000. WAM team recommends these tips to customers for troubleshooting such network related issues:
C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe C:\Windows\System32\backgroundTaskHost.exe Ask the customer if they have a firewall or antivirus that blocks WAM or the primary destination. Primary destination: https://login.microsoftonline.com/ This DNS name covers a lot of IP addresses (lots of services as well), sometimes some of these addresses are blocked in the customer environment for no reason, this causes intermittent problems in some device, but others work fine.
Open every file with a binary editor for read. If it is filled with zeroes (00 00 00…), then it is token binding issue. You need to delete those files.
Troubleshooting doc - https://supportability.visualstudio.com/AzureAD/_wiki/wikis/AzureAD/614537/Troubleshooting-WAM-related-SSO-issues?anchor=investigation-of-network-issues |
Library version used
4.60.3
.NET version
4.8 x64
Scenario
PublicClient - desktop app
Is this a new or an existing app?
The app is in production, I haven't upgraded MSAL, but started seeing this issue
Issue description and reproduction steps
Sometimes I get in my application during requesting token (interactive with broker) an error like:
The reason looks clear, but I see no internet connection issues. So I look at msal.log (level information) and I can located a difference to other application logins:
The difference to successful logins are additional logs like:
I have no idea. I don't request any scope.
Relevant code snippets
No response
Expected behavior
Successful login and fullfilment of token request.
Identity provider
Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
Regression
No response
Solution and workarounds
Try the same a second time will works fine in most cases.
The text was updated successfully, but these errors were encountered: