@azure/msal-browser 4.27.0 → 4.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (376) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  8. package/dist/cache/AccountManager.mjs +1 -1
  9. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  10. package/dist/cache/BrowserCacheManager.d.ts +3 -3
  11. package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
  12. package/dist/cache/BrowserCacheManager.mjs +10 -6
  13. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  14. package/dist/cache/CacheHelpers.mjs +1 -1
  15. package/dist/cache/CacheKeys.mjs +1 -1
  16. package/dist/cache/CookieStorage.mjs +1 -1
  17. package/dist/cache/DatabaseStorage.mjs +1 -1
  18. package/dist/cache/EncryptedData.mjs +1 -1
  19. package/dist/cache/LocalStorage.mjs +1 -1
  20. package/dist/cache/MemoryStorage.mjs +1 -1
  21. package/dist/cache/SessionStorage.mjs +1 -1
  22. package/dist/cache/TokenCache.d.ts +3 -2
  23. package/dist/cache/TokenCache.d.ts.map +1 -1
  24. package/dist/cache/TokenCache.mjs +39 -29
  25. package/dist/cache/TokenCache.mjs.map +1 -1
  26. package/dist/config/Configuration.mjs +1 -1
  27. package/dist/controllers/ControllerFactory.mjs +1 -1
  28. package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
  29. package/dist/controllers/NestedAppAuthController.mjs +3 -3
  30. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  31. package/dist/controllers/StandardController.d.ts.map +1 -1
  32. package/dist/controllers/StandardController.mjs +3 -3
  33. package/dist/controllers/StandardController.mjs.map +1 -1
  34. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  35. package/dist/crypto/BrowserCrypto.mjs +1 -1
  36. package/dist/crypto/CryptoOps.mjs +1 -1
  37. package/dist/crypto/PkceGenerator.mjs +1 -1
  38. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  39. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  40. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  41. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  42. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  43. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  44. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  45. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  46. package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts +3 -3
  47. package/dist/custom-auth-path/cache/BrowserCacheManager.d.ts.map +1 -1
  48. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +10 -6
  49. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs.map +1 -1
  50. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  51. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  52. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  53. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  54. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  55. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  56. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  57. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  58. package/dist/custom-auth-path/cache/TokenCache.d.ts +3 -2
  59. package/dist/custom-auth-path/cache/TokenCache.d.ts.map +1 -1
  60. package/dist/custom-auth-path/cache/TokenCache.mjs +39 -29
  61. package/dist/custom-auth-path/cache/TokenCache.mjs.map +1 -1
  62. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  63. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  64. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
  65. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  66. package/dist/custom-auth-path/controllers/StandardController.mjs +3 -3
  67. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  68. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  69. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  70. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  72. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +3 -3
  111. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs.map +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +2 -2
  115. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs.map +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +2 -2
  119. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -1
  120. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  144. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +2 -2
  145. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
  146. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  170. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  171. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  172. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +6 -6
  173. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs.map +1 -1
  174. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  175. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  176. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  177. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  178. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  179. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  180. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  181. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  182. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  183. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  184. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  185. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  186. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  187. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  188. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  189. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  190. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  191. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  192. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  193. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  194. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  195. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  196. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  197. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  198. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  199. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  200. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  201. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  202. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +3 -3
  203. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  204. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  205. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  206. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  207. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +2 -2
  208. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  209. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  210. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
  211. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  212. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +2 -2
  213. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs.map +1 -1
  214. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  215. package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts +3 -2
  216. package/dist/custom-auth-path/interaction_handler/InteractionHandler.d.ts.map +1 -1
  217. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +5 -5
  218. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs.map +1 -1
  219. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  220. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  221. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  222. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  223. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  224. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  225. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  226. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  227. package/dist/custom-auth-path/protocol/Authorize.mjs +3 -3
  228. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  229. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  230. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  231. package/dist/custom-auth-path/utils/BrowserConstants.d.ts +20 -1
  232. package/dist/custom-auth-path/utils/BrowserConstants.d.ts.map +1 -1
  233. package/dist/custom-auth-path/utils/BrowserConstants.mjs +27 -3
  234. package/dist/custom-auth-path/utils/BrowserConstants.mjs.map +1 -1
  235. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  236. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  237. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  238. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  239. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  240. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
  241. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  242. package/dist/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  243. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  244. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  245. package/dist/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  246. package/dist/encode/Base64Decode.mjs +1 -1
  247. package/dist/encode/Base64Encode.mjs +1 -1
  248. package/dist/error/BrowserAuthError.mjs +1 -1
  249. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  250. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  251. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  252. package/dist/error/NativeAuthError.mjs +1 -1
  253. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  254. package/dist/error/NestedAppAuthError.mjs +1 -1
  255. package/dist/event/EventHandler.mjs +1 -1
  256. package/dist/event/EventMessage.mjs +1 -1
  257. package/dist/event/EventType.mjs +1 -1
  258. package/dist/index.mjs +1 -1
  259. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  260. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  261. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  262. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +3 -3
  263. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
  264. package/dist/interaction_client/PopupClient.mjs +1 -1
  265. package/dist/interaction_client/RedirectClient.mjs +1 -1
  266. package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  267. package/dist/interaction_client/SilentAuthCodeClient.mjs +2 -2
  268. package/dist/interaction_client/SilentAuthCodeClient.mjs.map +1 -1
  269. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  270. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  271. package/dist/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  272. package/dist/interaction_client/SilentRefreshClient.mjs +2 -2
  273. package/dist/interaction_client/SilentRefreshClient.mjs.map +1 -1
  274. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  275. package/dist/interaction_handler/InteractionHandler.d.ts +3 -2
  276. package/dist/interaction_handler/InteractionHandler.d.ts.map +1 -1
  277. package/dist/interaction_handler/InteractionHandler.mjs +5 -5
  278. package/dist/interaction_handler/InteractionHandler.mjs.map +1 -1
  279. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  280. package/dist/naa/BridgeError.mjs +1 -1
  281. package/dist/naa/BridgeProxy.mjs +1 -1
  282. package/dist/naa/BridgeStatusCode.mjs +1 -1
  283. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  284. package/dist/navigation/NavigationClient.mjs +1 -1
  285. package/dist/network/FetchClient.mjs +1 -1
  286. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  287. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  288. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  289. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  290. package/dist/packageMetadata.d.ts +1 -1
  291. package/dist/packageMetadata.mjs +2 -2
  292. package/dist/protocol/Authorize.d.ts.map +1 -1
  293. package/dist/protocol/Authorize.mjs +3 -3
  294. package/dist/protocol/Authorize.mjs.map +1 -1
  295. package/dist/request/RequestHelpers.mjs +1 -1
  296. package/dist/response/ResponseHandler.mjs +1 -1
  297. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  298. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  299. package/dist/utils/BrowserConstants.d.ts +20 -1
  300. package/dist/utils/BrowserConstants.d.ts.map +1 -1
  301. package/dist/utils/BrowserConstants.mjs +27 -3
  302. package/dist/utils/BrowserConstants.mjs.map +1 -1
  303. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  304. package/dist/utils/BrowserUtils.mjs +1 -1
  305. package/dist/utils/Helpers.mjs +1 -1
  306. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  307. package/lib/custom-auth-path/msal-custom-auth.cjs +190 -140
  308. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  309. package/lib/custom-auth-path/msal-custom-auth.js +22608 -0
  310. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -0
  311. package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts +3 -3
  312. package/lib/custom-auth-path/types/cache/BrowserCacheManager.d.ts.map +1 -1
  313. package/lib/custom-auth-path/types/cache/TokenCache.d.ts +3 -2
  314. package/lib/custom-auth-path/types/cache/TokenCache.d.ts.map +1 -1
  315. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  316. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  317. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  318. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
  319. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  320. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  321. package/lib/custom-auth-path/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  322. package/lib/custom-auth-path/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  323. package/lib/custom-auth-path/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  324. package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  325. package/lib/custom-auth-path/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  326. package/lib/custom-auth-path/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  327. package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts +3 -2
  328. package/lib/custom-auth-path/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
  329. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  330. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  331. package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts +20 -1
  332. package/lib/custom-auth-path/types/utils/BrowserConstants.d.ts.map +1 -1
  333. package/lib/msal-browser.cjs +183 -133
  334. package/lib/msal-browser.cjs.map +1 -1
  335. package/lib/msal-browser.js +183 -133
  336. package/lib/msal-browser.js.map +1 -1
  337. package/lib/msal-browser.min.js +63 -63
  338. package/lib/types/cache/BrowserCacheManager.d.ts +3 -3
  339. package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
  340. package/lib/types/cache/TokenCache.d.ts +3 -2
  341. package/lib/types/cache/TokenCache.d.ts.map +1 -1
  342. package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  343. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  344. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  345. package/lib/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts +1 -1
  346. package/lib/types/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.d.ts.map +1 -1
  347. package/lib/types/custom_auth/core/interaction_client/jit/JitClient.d.ts.map +1 -1
  348. package/lib/types/custom_auth/core/interaction_client/mfa/MfaClient.d.ts.map +1 -1
  349. package/lib/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
  350. package/lib/types/custom_auth/sign_in/interaction_client/SignInClient.d.ts.map +1 -1
  351. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
  352. package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  353. package/lib/types/interaction_client/SilentRefreshClient.d.ts.map +1 -1
  354. package/lib/types/interaction_handler/InteractionHandler.d.ts +3 -2
  355. package/lib/types/interaction_handler/InteractionHandler.d.ts.map +1 -1
  356. package/lib/types/packageMetadata.d.ts +1 -1
  357. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  358. package/lib/types/utils/BrowserConstants.d.ts +20 -1
  359. package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
  360. package/package.json +2 -2
  361. package/src/cache/BrowserCacheManager.ts +16 -2
  362. package/src/cache/TokenCache.ts +122 -72
  363. package/src/controllers/NestedAppAuthController.ts +2 -1
  364. package/src/controllers/StandardController.ts +4 -2
  365. package/src/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.ts +4 -2
  366. package/src/custom_auth/core/interaction_client/jit/JitClient.ts +2 -1
  367. package/src/custom_auth/core/interaction_client/mfa/MfaClient.ts +2 -1
  368. package/src/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.ts +2 -1
  369. package/src/custom_auth/sign_in/interaction_client/SignInClient.ts +10 -5
  370. package/src/interaction_client/PlatformAuthInteractionClient.ts +3 -1
  371. package/src/interaction_client/SilentAuthCodeClient.ts +1 -0
  372. package/src/interaction_client/SilentRefreshClient.ts +7 -5
  373. package/src/interaction_handler/InteractionHandler.ts +10 -3
  374. package/src/packageMetadata.ts +1 -1
  375. package/src/protocol/Authorize.ts +2 -1
  376. package/src/utils/BrowserConstants.ts +27 -1
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.27.0 2025-12-04 */
1
+ /*! @azure/msal-browser v4.28.0 2026-01-13 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -276,7 +276,7 @@ const JsonWebTokenTypes = {
276
276
  // Token renewal offset default in seconds
277
277
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
278
278
 
279
- /*! @azure/msal-common v15.13.3 2025-12-04 */
279
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
280
280
  /*
281
281
  * Copyright (c) Microsoft Corporation. All rights reserved.
282
282
  * Licensed under the MIT License.
@@ -287,7 +287,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
287
287
  const unexpectedError = "unexpected_error";
288
288
  const postRequestFailed$1 = "post_request_failed";
289
289
 
290
- /*! @azure/msal-common v15.13.3 2025-12-04 */
290
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
291
291
 
292
292
  /*
293
293
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -322,7 +322,7 @@ function createAuthError(code, additionalMessage) {
322
322
  : AuthErrorMessages[code]);
323
323
  }
324
324
 
325
- /*! @azure/msal-common v15.13.3 2025-12-04 */
325
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
326
326
  /*
327
327
  * Copyright (c) Microsoft Corporation. All rights reserved.
328
328
  * Licensed under the MIT License.
@@ -373,7 +373,7 @@ const methodNotImplemented = "method_not_implemented";
373
373
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
374
374
  const platformBrokerError = "platform_broker_error";
375
375
 
376
- /*! @azure/msal-common v15.13.3 2025-12-04 */
376
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
377
377
 
378
378
  /*
379
379
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -448,7 +448,7 @@ function createClientAuthError(errorCode, additionalMessage) {
448
448
  return new ClientAuthError(errorCode, additionalMessage);
449
449
  }
450
450
 
451
- /*! @azure/msal-common v15.13.3 2025-12-04 */
451
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
452
452
 
453
453
  /*
454
454
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -487,7 +487,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
487
487
  },
488
488
  };
489
489
 
490
- /*! @azure/msal-common v15.13.3 2025-12-04 */
490
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
491
491
 
492
492
  /*
493
493
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -678,12 +678,12 @@ class Logger {
678
678
  }
679
679
  }
680
680
 
681
- /*! @azure/msal-common v15.13.3 2025-12-04 */
681
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
682
682
  /* eslint-disable header/header */
683
683
  const name$1 = "@azure/msal-common";
684
- const version$1 = "15.13.3";
684
+ const version$1 = "15.14.0";
685
685
 
686
- /*! @azure/msal-common v15.13.3 2025-12-04 */
686
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
687
687
  /*
688
688
  * Copyright (c) Microsoft Corporation. All rights reserved.
689
689
  * Licensed under the MIT License.
@@ -692,7 +692,7 @@ const AzureCloudInstance = {
692
692
  // AzureCloudInstance is not specified.
693
693
  None: "none"};
694
694
 
695
- /*! @azure/msal-common v15.13.3 2025-12-04 */
695
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
696
696
  /*
697
697
  * Copyright (c) Microsoft Corporation. All rights reserved.
698
698
  * Licensed under the MIT License.
@@ -722,7 +722,7 @@ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
722
722
  const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
723
723
  const invalidPlatformBrokerConfiguration = "invalid_platform_broker_configuration";
724
724
 
725
- /*! @azure/msal-common v15.13.3 2025-12-04 */
725
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
726
726
 
727
727
  /*
728
728
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -768,7 +768,7 @@ function createClientConfigurationError(errorCode) {
768
768
  return new ClientConfigurationError(errorCode);
769
769
  }
770
770
 
771
- /*! @azure/msal-common v15.13.3 2025-12-04 */
771
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
772
772
  /*
773
773
  * Copyright (c) Microsoft Corporation. All rights reserved.
774
774
  * Licensed under the MIT License.
@@ -865,7 +865,7 @@ class StringUtils {
865
865
  }
866
866
  }
867
867
 
868
- /*! @azure/msal-common v15.13.3 2025-12-04 */
868
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
869
869
 
870
870
  /*
871
871
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1060,7 +1060,7 @@ class ScopeSet {
1060
1060
  }
1061
1061
  }
1062
1062
 
1063
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1063
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1064
1064
 
1065
1065
  /*
1066
1066
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1100,7 +1100,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1100
1100
  };
1101
1101
  }
1102
1102
 
1103
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1103
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1104
1104
  /*
1105
1105
  * Copyright (c) Microsoft Corporation. All rights reserved.
1106
1106
  * Licensed under the MIT License.
@@ -1182,7 +1182,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1182
1182
  return updatedAccountInfo;
1183
1183
  }
1184
1184
 
1185
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1185
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1186
1186
  /*
1187
1187
  * Copyright (c) Microsoft Corporation. All rights reserved.
1188
1188
  * Licensed under the MIT License.
@@ -1197,7 +1197,7 @@ const AuthorityType = {
1197
1197
  Ciam: 3,
1198
1198
  };
1199
1199
 
1200
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1200
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1201
1201
  /*
1202
1202
  * Copyright (c) Microsoft Corporation. All rights reserved.
1203
1203
  * Licensed under the MIT License.
@@ -1219,7 +1219,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
1219
1219
  return null;
1220
1220
  }
1221
1221
 
1222
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1222
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1223
1223
  /*
1224
1224
  * Copyright (c) Microsoft Corporation. All rights reserved.
1225
1225
  * Licensed under the MIT License.
@@ -1243,7 +1243,7 @@ const ProtocolMode = {
1243
1243
  EAR: "EAR",
1244
1244
  };
1245
1245
 
1246
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1246
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1247
1247
 
1248
1248
  /*
1249
1249
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1464,7 +1464,7 @@ class AccountEntity {
1464
1464
  }
1465
1465
  }
1466
1466
 
1467
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1467
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1468
1468
 
1469
1469
  /*
1470
1470
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1545,7 +1545,7 @@ function checkMaxAge(authTime, maxAge) {
1545
1545
  }
1546
1546
  }
1547
1547
 
1548
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1548
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1549
1549
 
1550
1550
  /*
1551
1551
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1661,7 +1661,7 @@ function normalizeUrlForComparison(url) {
1661
1661
  }
1662
1662
  }
1663
1663
 
1664
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1664
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1665
1665
 
1666
1666
  /*
1667
1667
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1825,7 +1825,7 @@ class UrlString {
1825
1825
  }
1826
1826
  }
1827
1827
 
1828
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1828
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1829
1829
 
1830
1830
  /*
1831
1831
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1964,7 +1964,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1964
1964
  return null;
1965
1965
  }
1966
1966
 
1967
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1967
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1968
1968
  /*
1969
1969
  * Copyright (c) Microsoft Corporation. All rights reserved.
1970
1970
  * Licensed under the MIT License.
@@ -1972,7 +1972,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
1972
1972
  const cacheQuotaExceeded = "cache_quota_exceeded";
1973
1973
  const cacheErrorUnknown = "cache_error_unknown";
1974
1974
 
1975
- /*! @azure/msal-common v15.13.3 2025-12-04 */
1975
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
1976
1976
 
1977
1977
  /*
1978
1978
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2017,7 +2017,7 @@ function createCacheError(e) {
2017
2017
  }
2018
2018
  }
2019
2019
 
2020
- /*! @azure/msal-common v15.13.3 2025-12-04 */
2020
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
2021
2021
 
2022
2022
  /*
2023
2023
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2187,15 +2187,16 @@ class CacheManager {
2187
2187
  * @param cacheRecord {CacheRecord}
2188
2188
  * @param correlationId {?string} correlation id
2189
2189
  * @param kmsi - Keep Me Signed In
2190
+ * @param apiId - API identifier for telemetry tracking
2190
2191
  * @param storeInCache {?StoreInCache}
2191
2192
  */
2192
- async saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache) {
2193
+ async saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache) {
2193
2194
  if (!cacheRecord) {
2194
2195
  throw createClientAuthError(invalidCacheRecord);
2195
2196
  }
2196
2197
  try {
2197
2198
  if (!!cacheRecord.account) {
2198
- await this.setAccount(cacheRecord.account, correlationId, kmsi);
2199
+ await this.setAccount(cacheRecord.account, correlationId, kmsi, apiId);
2199
2200
  }
2200
2201
  if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
2201
2202
  await this.setIdTokenCredential(cacheRecord.idToken, correlationId, kmsi);
@@ -3126,7 +3127,7 @@ class DefaultStorageClass extends CacheManager {
3126
3127
  }
3127
3128
  }
3128
3129
 
3129
- /*! @azure/msal-common v15.13.3 2025-12-04 */
3130
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
3130
3131
  /*
3131
3132
  * Copyright (c) Microsoft Corporation. All rights reserved.
3132
3133
  * Licensed under the MIT License.
@@ -3383,6 +3384,11 @@ const PerformanceEvents = {
3383
3384
  Decrypt: "decrypt",
3384
3385
  GenerateEarKey: "generateEarKey",
3385
3386
  DecryptEarResponse: "decryptEarResponse",
3387
+ LoadExternalTokens: "LoadExternalTokens",
3388
+ LoadAccount: "loadAccount",
3389
+ LoadIdToken: "loadIdToken",
3390
+ LoadAccessToken: "loadAccessToken",
3391
+ LoadRefreshToken: "loadRefreshToken",
3386
3392
  };
3387
3393
  /**
3388
3394
  * State of the performance event.
@@ -3393,7 +3399,7 @@ const PerformanceEvents = {
3393
3399
  const PerformanceEventStatus = {
3394
3400
  InProgress: 1};
3395
3401
 
3396
- /*! @azure/msal-common v15.13.3 2025-12-04 */
3402
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
3397
3403
 
3398
3404
  /*
3399
3405
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3472,7 +3478,7 @@ class StubPerformanceClient {
3472
3478
  }
3473
3479
  }
3474
3480
 
3475
- /*! @azure/msal-common v15.13.3 2025-12-04 */
3481
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
3476
3482
 
3477
3483
  /*
3478
3484
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3572,7 +3578,7 @@ function isOidcProtocolMode(config) {
3572
3578
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3573
3579
  }
3574
3580
 
3575
- /*! @azure/msal-common v15.13.3 2025-12-04 */
3581
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
3576
3582
  /*
3577
3583
  * Copyright (c) Microsoft Corporation. All rights reserved.
3578
3584
  * Licensed under the MIT License.
@@ -3582,7 +3588,7 @@ const CcsCredentialType = {
3582
3588
  UPN: "UPN",
3583
3589
  };
3584
3590
 
3585
- /*! @azure/msal-common v15.13.3 2025-12-04 */
3591
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
3586
3592
  /*
3587
3593
  * Copyright (c) Microsoft Corporation. All rights reserved.
3588
3594
  * Licensed under the MIT License.
@@ -3632,7 +3638,7 @@ const INSTANCE_AWARE = "instance_aware";
3632
3638
  const EAR_JWK = "ear_jwk";
3633
3639
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
3634
3640
 
3635
- /*! @azure/msal-common v15.13.3 2025-12-04 */
3641
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
3636
3642
 
3637
3643
  /*
3638
3644
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4012,7 +4018,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
4012
4018
  });
4013
4019
  }
4014
4020
 
4015
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4021
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4016
4022
  /*
4017
4023
  * Copyright (c) Microsoft Corporation. All rights reserved.
4018
4024
  * Licensed under the MIT License.
@@ -4024,7 +4030,7 @@ function isOpenIdConfigResponse(response) {
4024
4030
  response.hasOwnProperty("jwks_uri"));
4025
4031
  }
4026
4032
 
4027
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4033
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4028
4034
  /*
4029
4035
  * Copyright (c) Microsoft Corporation. All rights reserved.
4030
4036
  * Licensed under the MIT License.
@@ -4034,7 +4040,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4034
4040
  response.hasOwnProperty("metadata"));
4035
4041
  }
4036
4042
 
4037
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4043
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4038
4044
  /*
4039
4045
  * Copyright (c) Microsoft Corporation. All rights reserved.
4040
4046
  * Licensed under the MIT License.
@@ -4044,7 +4050,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
4044
4050
  response.hasOwnProperty("error_description"));
4045
4051
  }
4046
4052
 
4047
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4053
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4048
4054
  /*
4049
4055
  * Copyright (c) Microsoft Corporation. All rights reserved.
4050
4056
  * Licensed under the MIT License.
@@ -4140,7 +4146,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4140
4146
  };
4141
4147
  };
4142
4148
 
4143
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4149
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4144
4150
 
4145
4151
  /*
4146
4152
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4246,7 +4252,7 @@ RegionDiscovery.IMDS_OPTIONS = {
4246
4252
  },
4247
4253
  };
4248
4254
 
4249
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4255
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4250
4256
  /*
4251
4257
  * Copyright (c) Microsoft Corporation. All rights reserved.
4252
4258
  * Licensed under the MIT License.
@@ -4311,7 +4317,7 @@ function wasClockTurnedBack(cachedAt) {
4311
4317
  return cachedAtSec > nowSeconds();
4312
4318
  }
4313
4319
 
4314
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4320
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4315
4321
 
4316
4322
  /*
4317
4323
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4573,7 +4579,7 @@ function isAuthorityMetadataExpired(metadata) {
4573
4579
  return metadata.expiresAt <= nowSeconds();
4574
4580
  }
4575
4581
 
4576
- /*! @azure/msal-common v15.13.3 2025-12-04 */
4582
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
4577
4583
 
4578
4584
  /*
4579
4585
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5412,7 +5418,7 @@ function buildStaticAuthorityOptions(authOptions) {
5412
5418
  };
5413
5419
  }
5414
5420
 
5415
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5421
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5416
5422
 
5417
5423
  /*
5418
5424
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5443,7 +5449,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
5443
5449
  }
5444
5450
  }
5445
5451
 
5446
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5452
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5447
5453
 
5448
5454
  /*
5449
5455
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5462,7 +5468,7 @@ class ServerError extends AuthError {
5462
5468
  }
5463
5469
  }
5464
5470
 
5465
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5471
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5466
5472
  /*
5467
5473
  * Copyright (c) Microsoft Corporation. All rights reserved.
5468
5474
  * Licensed under the MIT License.
@@ -5483,7 +5489,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
5483
5489
  };
5484
5490
  }
5485
5491
 
5486
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5492
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5487
5493
 
5488
5494
  /*
5489
5495
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5570,7 +5576,7 @@ class ThrottlingUtils {
5570
5576
  }
5571
5577
  }
5572
5578
 
5573
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5579
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5574
5580
 
5575
5581
  /*
5576
5582
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5601,7 +5607,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
5601
5607
  return new NetworkError(error, httpStatus, responseHeaders);
5602
5608
  }
5603
5609
 
5604
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5610
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5605
5611
 
5606
5612
  /*
5607
5613
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5749,7 +5755,7 @@ class BaseClient {
5749
5755
  }
5750
5756
  }
5751
5757
 
5752
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5758
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5753
5759
  /*
5754
5760
  * Copyright (c) Microsoft Corporation. All rights reserved.
5755
5761
  * Licensed under the MIT License.
@@ -5765,7 +5771,7 @@ const consentRequired = "consent_required";
5765
5771
  const loginRequired = "login_required";
5766
5772
  const badToken = "bad_token";
5767
5773
 
5768
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5774
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5769
5775
 
5770
5776
  /*
5771
5777
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5837,7 +5843,7 @@ function createInteractionRequiredAuthError(errorCode) {
5837
5843
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
5838
5844
  }
5839
5845
 
5840
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5846
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5841
5847
 
5842
5848
  /*
5843
5849
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5909,7 +5915,7 @@ class ProtocolUtils {
5909
5915
  }
5910
5916
  }
5911
5917
 
5912
- /*! @azure/msal-common v15.13.3 2025-12-04 */
5918
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5913
5919
 
5914
5920
  /*
5915
5921
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5991,7 +5997,7 @@ class PopTokenGenerator {
5991
5997
  }
5992
5998
  }
5993
5999
 
5994
- /*! @azure/msal-common v15.13.3 2025-12-04 */
6000
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
5995
6001
  /*
5996
6002
  * Copyright (c) Microsoft Corporation. All rights reserved.
5997
6003
  * Licensed under the MIT License.
@@ -6018,7 +6024,7 @@ class PopTokenGenerator {
6018
6024
  }
6019
6025
  }
6020
6026
 
6021
- /*! @azure/msal-common v15.13.3 2025-12-04 */
6027
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6022
6028
 
6023
6029
  /*
6024
6030
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6082,7 +6088,7 @@ class ResponseHandler {
6082
6088
  * @param serverTokenResponse
6083
6089
  * @param authority
6084
6090
  */
6085
- async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId) {
6091
+ async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, apiId, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId) {
6086
6092
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.HandleServerTokenResponse, serverTokenResponse.correlation_id);
6087
6093
  // create an idToken object (not entity)
6088
6094
  let idTokenClaims;
@@ -6137,7 +6143,7 @@ class ResponseHandler {
6137
6143
  return await ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenClaims, requestStateObj, undefined, serverRequestId);
6138
6144
  }
6139
6145
  }
6140
- await this.cacheStorage.saveCacheRecord(cacheRecord, request.correlationId, isKmsi(idTokenClaims || {}), request.storeInCache);
6146
+ await this.cacheStorage.saveCacheRecord(cacheRecord, request.correlationId, isKmsi(idTokenClaims || {}), apiId, request.storeInCache);
6141
6147
  }
6142
6148
  finally {
6143
6149
  if (this.persistencePlugin &&
@@ -6207,6 +6213,9 @@ class ResponseHandler {
6207
6213
  ? parseInt(serverTokenResponse.refresh_token_expires_in, 10)
6208
6214
  : serverTokenResponse.refresh_token_expires_in;
6209
6215
  rtExpiresOn = reqTimestamp + rtExpiresIn;
6216
+ this.performanceClient?.addFields({
6217
+ ntwkRtExpiresOnSeconds: rtExpiresOn,
6218
+ }, request.correlationId);
6210
6219
  }
6211
6220
  cachedRefreshToken = createRefreshTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.refresh_token, this.clientId, serverTokenResponse.foci, userAssertionHash, rtExpiresOn);
6212
6221
  }
@@ -6349,7 +6358,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
6349
6358
  return baseAccount;
6350
6359
  }
6351
6360
 
6352
- /*! @azure/msal-common v15.13.3 2025-12-04 */
6361
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6353
6362
  /*
6354
6363
  * Copyright (c) Microsoft Corporation. All rights reserved.
6355
6364
  * Licensed under the MIT License.
@@ -6367,7 +6376,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
6367
6376
  }
6368
6377
  }
6369
6378
 
6370
- /*! @azure/msal-common v15.13.3 2025-12-04 */
6379
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6371
6380
 
6372
6381
  /*
6373
6382
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6389,8 +6398,9 @@ class AuthorizationCodeClient extends BaseClient {
6389
6398
  * API to acquire a token in exchange of 'authorization_code` acquired by the user in the first leg of the
6390
6399
  * authorization_code_grant
6391
6400
  * @param request
6401
+ * @param apiId - API identifier for telemetry tracking
6392
6402
  */
6393
- async acquireToken(request, authCodePayload) {
6403
+ async acquireToken(request, apiId, authCodePayload) {
6394
6404
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientAcquireToken, request.correlationId);
6395
6405
  if (!request.code) {
6396
6406
  throw createClientAuthError(requestCannotBeMade);
@@ -6402,7 +6412,7 @@ class AuthorizationCodeClient extends BaseClient {
6402
6412
  const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin, this.performanceClient);
6403
6413
  // Validate response. This function throws a server error if an error is returned by the server.
6404
6414
  responseHandler.validateTokenResponse(response.body);
6405
- return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, authCodePayload, undefined, undefined, undefined, requestId);
6415
+ return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, apiId, authCodePayload, undefined, undefined, undefined, requestId);
6406
6416
  }
6407
6417
  /**
6408
6418
  * Used to log out the current user, and redirect the user to the postLogoutRedirectUri.
@@ -6602,7 +6612,7 @@ class AuthorizationCodeClient extends BaseClient {
6602
6612
  }
6603
6613
  }
6604
6614
 
6605
- /*! @azure/msal-common v15.13.3 2025-12-04 */
6615
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6606
6616
 
6607
6617
  /*
6608
6618
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6617,7 +6627,7 @@ class RefreshTokenClient extends BaseClient {
6617
6627
  constructor(configuration, performanceClient) {
6618
6628
  super(configuration, performanceClient);
6619
6629
  }
6620
- async acquireToken(request) {
6630
+ async acquireToken(request, apiId) {
6621
6631
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireToken, request.correlationId);
6622
6632
  const reqTimestamp = nowSeconds();
6623
6633
  const response = await invokeAsync(this.executeTokenRequest.bind(this), PerformanceEvents.RefreshTokenClientExecuteTokenRequest, this.logger, this.performanceClient, request.correlationId)(request, this.authority);
@@ -6625,13 +6635,13 @@ class RefreshTokenClient extends BaseClient {
6625
6635
  const requestId = response.headers?.[HeaderNames.X_MS_REQUEST_ID];
6626
6636
  const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin);
6627
6637
  responseHandler.validateTokenResponse(response.body);
6628
- return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, undefined, undefined, true, request.forceCache, requestId);
6638
+ return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, apiId, undefined, undefined, true, request.forceCache, requestId);
6629
6639
  }
6630
6640
  /**
6631
6641
  * Gets cached refresh token and attaches to request, then calls acquireToken API
6632
6642
  * @param request
6633
6643
  */
6634
- async acquireTokenByRefreshToken(request) {
6644
+ async acquireTokenByRefreshToken(request, apiId) {
6635
6645
  // Cannot renew token if no request object is given.
6636
6646
  if (!request) {
6637
6647
  throw createClientConfigurationError(tokenRequestEmpty);
@@ -6646,7 +6656,7 @@ class RefreshTokenClient extends BaseClient {
6646
6656
  // if the app is part of the family, retrive a Family refresh token if present and make a refreshTokenRequest
6647
6657
  if (isFOCI) {
6648
6658
  try {
6649
- return await invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, true);
6659
+ return await invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, true, apiId);
6650
6660
  }
6651
6661
  catch (e) {
6652
6662
  const noFamilyRTInCache = e instanceof InteractionRequiredAuthError &&
@@ -6657,7 +6667,7 @@ class RefreshTokenClient extends BaseClient {
6657
6667
  e.subError === Errors.CLIENT_MISMATCH_ERROR;
6658
6668
  // if family Refresh Token (FRT) cache acquisition fails or if client_mismatch error is seen with FRT, reattempt with application Refresh Token (ART)
6659
6669
  if (noFamilyRTInCache || clientMismatchErrorWithFamilyRT) {
6660
- return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
6670
+ return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false, apiId);
6661
6671
  // throw in all other cases
6662
6672
  }
6663
6673
  else {
@@ -6666,26 +6676,30 @@ class RefreshTokenClient extends BaseClient {
6666
6676
  }
6667
6677
  }
6668
6678
  // fall back to application refresh token acquisition
6669
- return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
6679
+ return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false, apiId);
6670
6680
  }
6671
6681
  /**
6672
6682
  * makes a network call to acquire tokens by exchanging RefreshToken available in userCache; throws if refresh token is not cached
6673
6683
  * @param request
6674
6684
  */
6675
- async acquireTokenWithCachedRefreshToken(request, foci) {
6685
+ async acquireTokenWithCachedRefreshToken(request, foci, apiId) {
6676
6686
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);
6677
6687
  // fetches family RT or application RT based on FOCI value
6678
6688
  const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, request.correlationId, undefined, this.performanceClient);
6679
6689
  if (!refreshToken) {
6680
6690
  throw createInteractionRequiredAuthError(noTokensFound);
6681
6691
  }
6682
- if (refreshToken.expiresOn &&
6683
- isTokenExpired(refreshToken.expiresOn, request.refreshTokenExpirationOffsetSeconds ||
6684
- DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS)) {
6685
- this.performanceClient?.addFields({ rtExpiresOnMs: Number(refreshToken.expiresOn) }, request.correlationId);
6686
- throw createInteractionRequiredAuthError(refreshTokenExpired);
6692
+ if (refreshToken.expiresOn) {
6693
+ const offset = request.refreshTokenExpirationOffsetSeconds ||
6694
+ DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS;
6695
+ this.performanceClient?.addFields({
6696
+ cacheRtExpiresOnSeconds: Number(refreshToken.expiresOn),
6697
+ rtOffsetSeconds: offset,
6698
+ }, request.correlationId);
6699
+ if (isTokenExpired(refreshToken.expiresOn, offset)) {
6700
+ throw createInteractionRequiredAuthError(refreshTokenExpired);
6701
+ }
6687
6702
  }
6688
- // attach cached RT size to the current measurement
6689
6703
  const refreshTokenRequest = {
6690
6704
  ...request,
6691
6705
  refreshToken: refreshToken.secret,
@@ -6696,11 +6710,10 @@ class RefreshTokenClient extends BaseClient {
6696
6710
  },
6697
6711
  };
6698
6712
  try {
6699
- return await invokeAsync(this.acquireToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(refreshTokenRequest);
6713
+ return await invokeAsync(this.acquireToken.bind(this), PerformanceEvents.RefreshTokenClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(refreshTokenRequest, apiId);
6700
6714
  }
6701
6715
  catch (e) {
6702
6716
  if (e instanceof InteractionRequiredAuthError) {
6703
- this.performanceClient?.addFields({ rtExpiresOnMs: Number(refreshToken.expiresOn) }, request.correlationId);
6704
6717
  if (e.subError === badToken) {
6705
6718
  // Remove bad refresh token from cache
6706
6719
  this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");
@@ -6811,7 +6824,7 @@ class RefreshTokenClient extends BaseClient {
6811
6824
  }
6812
6825
  }
6813
6826
 
6814
- /*! @azure/msal-common v15.13.3 2025-12-04 */
6827
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6815
6828
 
6816
6829
  /*
6817
6830
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6909,7 +6922,7 @@ class SilentFlowClient extends BaseClient {
6909
6922
  }
6910
6923
  }
6911
6924
 
6912
- /*! @azure/msal-common v15.13.3 2025-12-04 */
6925
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6913
6926
 
6914
6927
  /*
6915
6928
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6924,7 +6937,7 @@ const StubbedNetworkModule = {
6924
6937
  },
6925
6938
  };
6926
6939
 
6927
- /*! @azure/msal-common v15.13.3 2025-12-04 */
6940
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
6928
6941
 
6929
6942
  /*
6930
6943
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7148,7 +7161,7 @@ function extractLoginHint(account) {
7148
7161
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7149
7162
  }
7150
7163
 
7151
- /*! @azure/msal-common v15.13.3 2025-12-04 */
7164
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7152
7165
 
7153
7166
  /*
7154
7167
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7411,7 +7424,7 @@ class ServerTelemetryManager {
7411
7424
  }
7412
7425
  }
7413
7426
 
7414
- /*! @azure/msal-common v15.13.3 2025-12-04 */
7427
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7415
7428
  /*
7416
7429
  * Copyright (c) Microsoft Corporation. All rights reserved.
7417
7430
  * Licensed under the MIT License.
@@ -7419,7 +7432,7 @@ class ServerTelemetryManager {
7419
7432
  const missingKidError = "missing_kid_error";
7420
7433
  const missingAlgError = "missing_alg_error";
7421
7434
 
7422
- /*! @azure/msal-common v15.13.3 2025-12-04 */
7435
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7423
7436
 
7424
7437
  /*
7425
7438
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7444,7 +7457,7 @@ function createJoseHeaderError(code) {
7444
7457
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
7445
7458
  }
7446
7459
 
7447
- /*! @azure/msal-common v15.13.3 2025-12-04 */
7460
+ /*! @azure/msal-common v15.14.0 2026-01-13 */
7448
7461
 
7449
7462
  /*
7450
7463
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7879,7 +7892,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
7879
7892
 
7880
7893
  /* eslint-disable header/header */
7881
7894
  const name = "@azure/msal-browser";
7882
- const version = "4.27.0";
7895
+ const version = "4.28.0";
7883
7896
 
7884
7897
  /*
7885
7898
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8463,9 +8476,9 @@ const InMemoryCacheKeys = {
8463
8476
  };
8464
8477
  /**
8465
8478
  * API Codes for Telemetry purposes.
8466
- * Before adding a new code you must claim it in the MSAL Telemetry tracker as these number spaces are shared across all MSALs
8467
8479
  * 0-99 Silent Flow
8468
8480
  * 800-899 Auth Code Flow
8481
+ * 900-999 Miscellaneous
8469
8482
  */
8470
8483
  const ApiId = {
8471
8484
  acquireTokenRedirect: 861,
@@ -8477,6 +8490,30 @@ const ApiId = {
8477
8490
  acquireTokenSilent_silentFlow: 61,
8478
8491
  logout: 961,
8479
8492
  logoutPopup: 962,
8493
+ hydrateCache: 963,
8494
+ loadExternalTokens: 964,
8495
+ };
8496
+ /**
8497
+ * API Names for Telemetry purposes.
8498
+ */
8499
+ const ApiName = {
8500
+ 861: "acquireTokenRedirect",
8501
+ 862: "acquireTokenPopup",
8502
+ 863: "ssoSilent",
8503
+ 864: "acquireTokenSilent_authCode",
8504
+ 865: "handleRedirectPromise",
8505
+ 866: "acquireTokenByCode",
8506
+ 61: "acquireTokenSilent_silentFlow",
8507
+ 961: "logout",
8508
+ 962: "logoutPopup",
8509
+ 963: "hydrateCache",
8510
+ 964: "loadExternalTokens",
8511
+ };
8512
+ const apiIdToName = (id) => {
8513
+ if (typeof id === "number" && id in ApiName) {
8514
+ return ApiName[id];
8515
+ }
8516
+ return "unknown";
8480
8517
  };
8481
8518
  /*
8482
8519
  * Interaction type of the API - used for state and telemetry
@@ -9690,7 +9727,7 @@ class CustomAuthInteractionClientBase extends StandardInteractionClient {
9690
9727
  * @param correlationId Correlation ID for logging
9691
9728
  * @returns Authentication result from the token response
9692
9729
  */
9693
- async handleTokenResponse(tokenResponse, requestScopes, correlationId) {
9730
+ async handleTokenResponse(tokenResponse, requestScopes, correlationId, apiId) {
9694
9731
  this.logger.verbose("Processing token response.", correlationId);
9695
9732
  const requestTimestamp = Math.round(new Date().getTime() / 1000.0);
9696
9733
  // Save tokens and create authentication result
@@ -9698,7 +9735,7 @@ class CustomAuthInteractionClientBase extends StandardInteractionClient {
9698
9735
  authority: this.customAuthAuthority.canonicalAuthority,
9699
9736
  correlationId: tokenResponse.correlation_id ?? correlationId,
9700
9737
  scopes: requestScopes,
9701
- });
9738
+ }, apiId);
9702
9739
  return result;
9703
9740
  }
9704
9741
  // It is not necessary to implement this method from base class.
@@ -9874,7 +9911,7 @@ class SignInClient extends CustomAuthInteractionClientBase {
9874
9911
  claims: parameters.claims,
9875
9912
  }),
9876
9913
  };
9877
- return this.performTokenRequest(() => this.customAuthApiClient.signInApi.requestTokensWithOob(request), scopes, parameters.correlationId, telemetryManager);
9914
+ return this.performTokenRequest(() => this.customAuthApiClient.signInApi.requestTokensWithOob(request), scopes, parameters.correlationId, telemetryManager, apiId);
9878
9915
  }
9879
9916
  /**
9880
9917
  * Submits the password for sign-in flow.
@@ -9896,7 +9933,7 @@ class SignInClient extends CustomAuthInteractionClientBase {
9896
9933
  claims: parameters.claims,
9897
9934
  }),
9898
9935
  };
9899
- return this.performTokenRequest(() => this.customAuthApiClient.signInApi.requestTokensWithPassword(request), scopes, parameters.correlationId, telemetryManager);
9936
+ return this.performTokenRequest(() => this.customAuthApiClient.signInApi.requestTokensWithPassword(request), scopes, parameters.correlationId, telemetryManager, apiId);
9900
9937
  }
9901
9938
  /**
9902
9939
  * Signs in with continuation token.
@@ -9919,7 +9956,7 @@ class SignInClient extends CustomAuthInteractionClientBase {
9919
9956
  }),
9920
9957
  };
9921
9958
  // Call token endpoint.
9922
- return this.performTokenRequest(() => this.customAuthApiClient.signInApi.requestTokenWithContinuationToken(request), scopes, parameters.correlationId, telemetryManager);
9959
+ return this.performTokenRequest(() => this.customAuthApiClient.signInApi.requestTokenWithContinuationToken(request), scopes, parameters.correlationId, telemetryManager, apiId);
9923
9960
  }
9924
9961
  /**
9925
9962
  * Common method to handle token endpoint calls and create sign-in results.
@@ -9929,12 +9966,12 @@ class SignInClient extends CustomAuthInteractionClientBase {
9929
9966
  * @param telemetryManager Telemetry manager for telemetry logging
9930
9967
  * @returns SignInCompletedResult | SignInJitRequiredResult | SignInMfaRequiredResult with authentication result
9931
9968
  */
9932
- async performTokenRequest(tokenEndpointCaller, scopes, correlationId, telemetryManager) {
9969
+ async performTokenRequest(tokenEndpointCaller, scopes, correlationId, telemetryManager, apiId) {
9933
9970
  this.logger.verbose("Calling token endpoint for sign in.", correlationId);
9934
9971
  try {
9935
9972
  const tokenResponse = await tokenEndpointCaller();
9936
9973
  this.logger.verbose("Token endpoint response received for sign in.", correlationId);
9937
- const authResult = await this.handleTokenResponse(tokenResponse, scopes, correlationId);
9974
+ const authResult = await this.handleTokenResponse(tokenResponse, scopes, correlationId, apiId);
9938
9975
  return createSignInCompleteResult({
9939
9976
  correlationId: tokenResponse.correlation_id ?? correlationId,
9940
9977
  authenticationResult: authResult,
@@ -11555,7 +11592,7 @@ class JitClient extends CustomAuthInteractionClientBase {
11555
11592
  }),
11556
11593
  };
11557
11594
  const tokenResponse = await this.customAuthApiClient.signInApi.requestTokenWithContinuationToken(tokenRequest);
11558
- const authResult = await this.handleTokenResponse(tokenResponse, scopes, tokenResponse.correlation_id || continueResponse.correlation_id);
11595
+ const authResult = await this.handleTokenResponse(tokenResponse, scopes, tokenResponse.correlation_id || continueResponse.correlation_id, apiId);
11559
11596
  return createJitCompletedResult({
11560
11597
  correlationId: continueResponse.correlation_id,
11561
11598
  authenticationResult: authResult,
@@ -11648,7 +11685,7 @@ class MfaClient extends CustomAuthInteractionClientBase {
11648
11685
  this.logger.verbose("Calling token endpoint for MFA challenge submission.", parameters.correlationId);
11649
11686
  const tokenResponse = await this.customAuthApiClient.signInApi.requestTokensWithOob(request);
11650
11687
  // Save tokens and create authentication result
11651
- const result = await this.handleTokenResponse(tokenResponse, scopes, tokenResponse.correlation_id ?? parameters.correlationId);
11688
+ const result = await this.handleTokenResponse(tokenResponse, scopes, tokenResponse.correlation_id ?? parameters.correlationId, apiId);
11652
11689
  return createMfaCompletedResult({
11653
11690
  correlationId: parameters.correlationId,
11654
11691
  authenticationResult: result,
@@ -11699,7 +11736,7 @@ class CustomAuthSilentCacheClient extends CustomAuthInteractionClientBase {
11699
11736
  this.logger.verbose("Token refresh is required to acquire token silently", correlationId);
11700
11737
  const refreshTokenClient = new RefreshTokenClient(clientConfig, this.performanceClient);
11701
11738
  this.logger.verbose("Starting refresh flow to refresh token", correlationId);
11702
- const refreshTokenResult = await refreshTokenClient.acquireTokenByRefreshToken(silentRequest);
11739
+ const refreshTokenResult = await refreshTokenClient.acquireTokenByRefreshToken(silentRequest, ACCOUNT_GET_ACCESS_TOKEN);
11703
11740
  this.logger.verbose("Refresh flow to refresh token is completed", correlationId);
11704
11741
  return refreshTokenResult;
11705
11742
  }
@@ -15226,17 +15263,21 @@ class BrowserCacheManager extends CacheManager {
15226
15263
  if (!parsedAccount || !AccountEntity.isAccountEntity(parsedAccount)) {
15227
15264
  return null;
15228
15265
  }
15266
+ this.performanceClient.addFields({
15267
+ accountCachedBy: apiIdToName(parsedAccount.cachedByApiId),
15268
+ }, correlationId);
15229
15269
  return CacheManager.toObject(new AccountEntity(), parsedAccount);
15230
15270
  }
15231
15271
  /**
15232
15272
  * set account entity in the platform cache
15233
15273
  * @param account
15234
15274
  */
15235
- async setAccount(account, correlationId, kmsi) {
15275
+ async setAccount(account, correlationId, kmsi, apiId) {
15236
15276
  this.logger.trace("BrowserCacheManager.setAccount called");
15237
15277
  const key = this.generateAccountKey(AccountEntity.getAccountInfo(account));
15238
15278
  const timestamp = Date.now().toString();
15239
15279
  account.lastUpdatedAt = timestamp;
15280
+ account.cachedByApiId = apiId;
15240
15281
  await this.setUserData(key, JSON.stringify(account), correlationId, timestamp, kmsi);
15241
15282
  const wasAdded = this.addAccountKeyToMap(key, correlationId);
15242
15283
  this.performanceClient.addFields({ kmsi: kmsi }, correlationId);
@@ -16016,7 +16057,7 @@ class BrowserCacheManager extends CacheManager {
16016
16057
  idToken: idTokenEntity,
16017
16058
  accessToken: accessTokenEntity,
16018
16059
  };
16019
- return this.saveCacheRecord(cacheRecord, result.correlationId, isKmsi(extractTokenClaims(result.idToken, base64Decode)));
16060
+ return this.saveCacheRecord(cacheRecord, result.correlationId, isKmsi(extractTokenClaims(result.idToken, base64Decode)), ApiId.hydrateCache);
16020
16061
  }
16021
16062
  /**
16022
16063
  * saves a cache record
@@ -16024,9 +16065,9 @@ class BrowserCacheManager extends CacheManager {
16024
16065
  * @param storeInCache {?StoreInCache}
16025
16066
  * @param correlationId {?string} correlation id
16026
16067
  */
16027
- async saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache) {
16068
+ async saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache) {
16028
16069
  try {
16029
- await super.saveCacheRecord(cacheRecord, correlationId, kmsi, storeInCache);
16070
+ await super.saveCacheRecord(cacheRecord, correlationId, kmsi, apiId, storeInCache);
16030
16071
  }
16031
16072
  catch (e) {
16032
16073
  if (e instanceof CacheError &&
@@ -16386,7 +16427,7 @@ class InteractionHandler {
16386
16427
  * Function to handle response parameters from hash.
16387
16428
  * @param locationHash
16388
16429
  */
16389
- async handleCodeResponse(response, request) {
16430
+ async handleCodeResponse(response, request, apiId) {
16390
16431
  this.performanceClient.addQueueMeasurement(PerformanceEvents.HandleCodeResponse, request.correlationId);
16391
16432
  let authCodeResponse;
16392
16433
  try {
@@ -16402,7 +16443,7 @@ class InteractionHandler {
16402
16443
  throw e;
16403
16444
  }
16404
16445
  }
16405
- return invokeAsync(this.handleCodeResponseFromServer.bind(this), PerformanceEvents.HandleCodeResponseFromServer, this.logger, this.performanceClient, request.correlationId)(authCodeResponse, request);
16446
+ return invokeAsync(this.handleCodeResponseFromServer.bind(this), PerformanceEvents.HandleCodeResponseFromServer, this.logger, this.performanceClient, request.correlationId)(authCodeResponse, request, apiId);
16406
16447
  }
16407
16448
  /**
16408
16449
  * Process auth code response from AAD
@@ -16412,7 +16453,7 @@ class InteractionHandler {
16412
16453
  * @param networkModule
16413
16454
  * @returns
16414
16455
  */
16415
- async handleCodeResponseFromServer(authCodeResponse, request, validateNonce = true) {
16456
+ async handleCodeResponseFromServer(authCodeResponse, request, apiId, validateNonce = true) {
16416
16457
  this.performanceClient.addQueueMeasurement(PerformanceEvents.HandleCodeResponseFromServer, request.correlationId);
16417
16458
  this.logger.trace("InteractionHandler.handleCodeResponseFromServer called");
16418
16459
  // Assign code to request
@@ -16438,7 +16479,7 @@ class InteractionHandler {
16438
16479
  }
16439
16480
  }
16440
16481
  // Acquire token with retrieved code.
16441
- const tokenResponse = (await invokeAsync(this.authModule.acquireToken.bind(this.authModule), PerformanceEvents.AuthClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(this.authCodeRequest, authCodeResponse));
16482
+ const tokenResponse = (await invokeAsync(this.authModule.acquireToken.bind(this.authModule), PerformanceEvents.AuthClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(this.authCodeRequest, apiId, authCodeResponse));
16442
16483
  return tokenResponse;
16443
16484
  }
16444
16485
  /**
@@ -16986,7 +17027,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
16986
17027
  */
16987
17028
  async cacheAccount(accountEntity, correlationId, kmsi) {
16988
17029
  // Store the account info and hence `nativeAccountId` in browser cache
16989
- await this.browserStorage.setAccount(accountEntity, this.correlationId, kmsi);
17030
+ await this.browserStorage.setAccount(accountEntity, this.correlationId, kmsi, this.apiId);
16990
17031
  // Remove any existing cached tokens for this account in browser storage
16991
17032
  this.browserStorage.removeAccountContext(AccountEntity.getAccountInfo(accountEntity), correlationId);
16992
17033
  }
@@ -17015,7 +17056,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
17015
17056
  idToken: cachedIdToken,
17016
17057
  accessToken: cachedAccessToken,
17017
17058
  };
17018
- return this.nativeStorageManager.saveCacheRecord(nativeCacheRecord, this.correlationId, isKmsi(idTokenClaims), request.storeInCache);
17059
+ return this.nativeStorageManager.saveCacheRecord(nativeCacheRecord, this.correlationId, isKmsi(idTokenClaims), this.apiId, request.storeInCache);
17019
17060
  }
17020
17061
  getExpiresInValue(tokenType, expiresIn) {
17021
17062
  return tokenType === AuthenticationScheme.POP
@@ -17390,7 +17431,7 @@ async function handleResponseCode(request, response, codeVerifier, apiId, config
17390
17431
  // Create popup interaction handler.
17391
17432
  const interactionHandler = new InteractionHandler(authClient, browserStorage, authCodeRequest, logger, performanceClient);
17392
17433
  // Handle response from hash string.
17393
- const result = await invokeAsync(interactionHandler.handleCodeResponse.bind(interactionHandler), PerformanceEvents.HandleCodeResponse, logger, performanceClient, request.correlationId)(response, request);
17434
+ const result = await invokeAsync(interactionHandler.handleCodeResponse.bind(interactionHandler), PerformanceEvents.HandleCodeResponse, logger, performanceClient, request.correlationId)(response, request, apiId);
17394
17435
  return result;
17395
17436
  }
17396
17437
  /**
@@ -17437,7 +17478,7 @@ async function handleResponseEAR(request, response, apiId, config, authority, br
17437
17478
  cloud_instance_name: decryptedData.cloud_instance_name,
17438
17479
  msgraph_host: decryptedData.msgraph_host,
17439
17480
  };
17440
- return (await invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, logger, performanceClient, request.correlationId)(decryptedData, authority, nowSeconds(), request, additionalData, undefined, undefined, undefined, undefined));
17481
+ return (await invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, logger, performanceClient, request.correlationId)(decryptedData, authority, nowSeconds(), request, apiId, additionalData, undefined, undefined, undefined, undefined));
17441
17482
  }
17442
17483
 
17443
17484
  /*
@@ -19528,7 +19569,7 @@ class SilentRefreshClient extends StandardInteractionClient {
19528
19569
  account: silentRequest.account,
19529
19570
  });
19530
19571
  // Send request to renew token. Auth module will throw errors if token cannot be renewed.
19531
- return invokeAsync(refreshTokenClient.acquireTokenByRefreshToken.bind(refreshTokenClient), PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken, this.logger, this.performanceClient, request.correlationId)(silentRequest).catch((e) => {
19572
+ return invokeAsync(refreshTokenClient.acquireTokenByRefreshToken.bind(refreshTokenClient), PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken, this.logger, this.performanceClient, request.correlationId)(silentRequest, ApiId.acquireTokenSilent_silentFlow).catch((e) => {
19532
19573
  e.setCorrelationId(this.correlationId);
19533
19574
  serverTelemetryManager.cacheFailedRequest(e);
19534
19575
  throw e;
@@ -19572,12 +19613,13 @@ class SilentRefreshClient extends StandardInteractionClient {
19572
19613
  * Token cache manager
19573
19614
  */
19574
19615
  class TokenCache {
19575
- constructor(configuration, storage, logger, cryptoObj) {
19616
+ constructor(configuration, storage, logger, cryptoObj, performanceClient) {
19576
19617
  this.isBrowserEnvironment = typeof window !== "undefined";
19577
19618
  this.config = configuration;
19578
19619
  this.storage = storage;
19579
19620
  this.logger = logger;
19580
19621
  this.cryptoObj = cryptoObj;
19622
+ this.performanceClient = performanceClient;
19581
19623
  }
19582
19624
  // Move getAllAccounts here and cache utility APIs
19583
19625
  /**
@@ -19592,30 +19634,38 @@ class TokenCache {
19592
19634
  throw createBrowserAuthError(nonBrowserEnvironment);
19593
19635
  }
19594
19636
  const correlationId = request.correlationId || createNewGuid();
19595
- const idTokenClaims = response.id_token
19596
- ? extractTokenClaims(response.id_token, base64Decode)
19597
- : undefined;
19598
- const kmsi = isKmsi(idTokenClaims || {});
19599
- const authorityOptions = {
19600
- protocolMode: this.config.auth.protocolMode,
19601
- knownAuthorities: this.config.auth.knownAuthorities,
19602
- cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata,
19603
- authorityMetadata: this.config.auth.authorityMetadata,
19604
- skipAuthorityMetadataCache: this.config.auth.skipAuthorityMetadataCache,
19605
- };
19606
- const authority = request.authority
19607
- ? new Authority(Authority.generateAuthority(request.authority, request.azureCloudOptions), this.config.system.networkClient, this.storage, authorityOptions, this.logger, request.correlationId || createNewGuid())
19608
- : undefined;
19609
- const cacheRecordAccount = await this.loadAccount(request, options.clientInfo || response.client_info || "", correlationId, idTokenClaims, authority);
19610
- const idToken = await this.loadIdToken(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, correlationId, kmsi);
19611
- const accessToken = await this.loadAccessToken(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, options, correlationId, kmsi);
19612
- const refreshToken = await this.loadRefreshToken(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, correlationId, kmsi);
19613
- return this.generateAuthenticationResult(request, {
19614
- account: cacheRecordAccount,
19615
- idToken,
19616
- accessToken,
19617
- refreshToken,
19618
- }, idTokenClaims, authority);
19637
+ const rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.LoadExternalTokens, correlationId);
19638
+ try {
19639
+ const idTokenClaims = response.id_token
19640
+ ? extractTokenClaims(response.id_token, base64Decode)
19641
+ : undefined;
19642
+ const kmsi = isKmsi(idTokenClaims || {});
19643
+ const authorityOptions = {
19644
+ protocolMode: this.config.auth.protocolMode,
19645
+ knownAuthorities: this.config.auth.knownAuthorities,
19646
+ cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata,
19647
+ authorityMetadata: this.config.auth.authorityMetadata,
19648
+ skipAuthorityMetadataCache: this.config.auth.skipAuthorityMetadataCache,
19649
+ };
19650
+ const authority = request.authority
19651
+ ? new Authority(Authority.generateAuthority(request.authority, request.azureCloudOptions), this.config.system.networkClient, this.storage, authorityOptions, this.logger, request.correlationId || createNewGuid())
19652
+ : undefined;
19653
+ const cacheRecordAccount = await invokeAsync(this.loadAccount.bind(this), PerformanceEvents.LoadAccount, this.logger, this.performanceClient, correlationId)(request, options.clientInfo || response.client_info || "", correlationId, idTokenClaims, authority);
19654
+ const idToken = await invokeAsync(this.loadIdToken.bind(this), PerformanceEvents.LoadIdToken, this.logger, this.performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, correlationId, kmsi);
19655
+ const accessToken = await invokeAsync(this.loadAccessToken.bind(this), PerformanceEvents.LoadAccessToken, this.logger, this.performanceClient, correlationId)(request, response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, cacheRecordAccount.realm, options, correlationId, kmsi);
19656
+ const refreshToken = await invokeAsync(this.loadRefreshToken.bind(this), PerformanceEvents.LoadRefreshToken, this.logger, this.performanceClient, correlationId)(response, cacheRecordAccount.homeAccountId, cacheRecordAccount.environment, correlationId, kmsi);
19657
+ rootMeasurement.end({ success: true }, undefined, AccountEntity.getAccountInfo(cacheRecordAccount));
19658
+ return this.generateAuthenticationResult(request, {
19659
+ account: cacheRecordAccount,
19660
+ idToken,
19661
+ accessToken,
19662
+ refreshToken,
19663
+ }, idTokenClaims, authority);
19664
+ }
19665
+ catch (error) {
19666
+ rootMeasurement.end({ success: false }, error);
19667
+ throw error;
19668
+ }
19619
19669
  }
19620
19670
  /**
19621
19671
  * Helper function to load account to msal-browser cache
@@ -19630,7 +19680,7 @@ class TokenCache {
19630
19680
  this.logger.verbose("TokenCache - loading account");
19631
19681
  if (request.account) {
19632
19682
  const accountEntity = AccountEntity.createFromAccountInfo(request.account);
19633
- await this.storage.setAccount(accountEntity, correlationId, isKmsi(idTokenClaims || {}));
19683
+ await this.storage.setAccount(accountEntity, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
19634
19684
  return accountEntity;
19635
19685
  }
19636
19686
  else if (!authority || (!clientInfo && !idTokenClaims)) {
@@ -19642,7 +19692,7 @@ class TokenCache {
19642
19692
  const cachedAccount = buildAccountToCache(this.storage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, authority.hostnameAndPort, claimsTenantId, undefined, // authCodePayload
19643
19693
  undefined, // nativeAccountId
19644
19694
  this.logger);
19645
- await this.storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}));
19695
+ await this.storage.setAccount(cachedAccount, correlationId, isKmsi(idTokenClaims || {}), ApiId.loadExternalTokens);
19646
19696
  return cachedAccount;
19647
19697
  }
19648
19698
  /**
@@ -19818,7 +19868,7 @@ class SilentAuthCodeClient extends StandardInteractionClient {
19818
19868
  msgraph_host: request.msGraphHost,
19819
19869
  cloud_graph_host_name: request.cloudGraphHostName,
19820
19870
  cloud_instance_host_name: request.cloudInstanceHostName,
19821
- }, silentRequest, false);
19871
+ }, silentRequest, this.apiId, false);
19822
19872
  }
19823
19873
  catch (e) {
19824
19874
  if (e instanceof AuthError) {
@@ -19931,7 +19981,7 @@ class StandardController {
19931
19981
  };
19932
19982
  this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger, this.performanceClient, this.eventHandler);
19933
19983
  // Initialize the token cache
19934
- this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto);
19984
+ this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto, this.performanceClient);
19935
19985
  this.activeSilentTokenRequests = new Map();
19936
19986
  // Register listener functions
19937
19987
  this.trackPageVisibility = this.trackPageVisibility.bind(this);
@@ -20761,7 +20811,7 @@ class StandardController {
20761
20811
  this.logger.verbose("hydrateCache called");
20762
20812
  // Account gets saved to browser storage regardless of native or not
20763
20813
  const accountEntity = AccountEntity.createFromAccountInfo(result.account, result.cloudGraphHostName, result.msGraphHost);
20764
- await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims));
20814
+ await this.browserStorage.setAccount(accountEntity, result.correlationId, isKmsi(result.idTokenClaims), ApiId.hydrateCache);
20765
20815
  if (result.fromNativeBroker) {
20766
20816
  this.logger.verbose("Response was from native broker, storing in-memory");
20767
20817
  // Tokens from native broker are stored in-memory