@azure/msal-browser 4.28.1 → 4.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (297) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  8. package/dist/cache/AccountManager.mjs +1 -1
  9. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  10. package/dist/cache/BrowserCacheManager.mjs +1 -1
  11. package/dist/cache/CacheHelpers.mjs +1 -1
  12. package/dist/cache/CacheKeys.mjs +1 -1
  13. package/dist/cache/CookieStorage.mjs +1 -1
  14. package/dist/cache/DatabaseStorage.mjs +1 -1
  15. package/dist/cache/EncryptedData.mjs +1 -1
  16. package/dist/cache/LocalStorage.mjs +1 -1
  17. package/dist/cache/MemoryStorage.mjs +1 -1
  18. package/dist/cache/SessionStorage.mjs +1 -1
  19. package/dist/cache/TokenCache.mjs +1 -1
  20. package/dist/config/Configuration.d.ts +7 -0
  21. package/dist/config/Configuration.d.ts.map +1 -1
  22. package/dist/config/Configuration.mjs +2 -1
  23. package/dist/config/Configuration.mjs.map +1 -1
  24. package/dist/controllers/ControllerFactory.mjs +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +9 -0
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +56 -1
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  31. package/dist/crypto/BrowserCrypto.mjs +1 -1
  32. package/dist/crypto/CryptoOps.mjs +1 -1
  33. package/dist/crypto/PkceGenerator.mjs +1 -1
  34. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  35. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  39. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  40. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  41. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  42. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  43. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  44. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  45. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  46. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  47. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  48. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  50. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  52. package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
  53. package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
  54. package/dist/custom-auth-path/config/Configuration.mjs +2 -1
  55. package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
  56. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  57. package/dist/custom-auth-path/controllers/StandardController.d.ts +9 -0
  58. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  59. package/dist/custom-auth-path/controllers/StandardController.mjs +56 -1
  60. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  61. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  62. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  63. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  65. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  170. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  171. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  172. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  175. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  176. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  177. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  178. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  179. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  180. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  181. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  183. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  184. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  185. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  186. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  187. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +7 -0
  189. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  190. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +49 -3
  191. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  193. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  194. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  196. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  197. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  198. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  199. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  200. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  201. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  202. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  203. package/dist/custom-auth-path/protocol/Authorize.mjs +5 -1
  204. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  205. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  206. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  207. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  208. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  209. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  210. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  211. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  212. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  213. package/dist/encode/Base64Decode.mjs +1 -1
  214. package/dist/encode/Base64Encode.mjs +1 -1
  215. package/dist/error/BrowserAuthError.mjs +1 -1
  216. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  217. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  218. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  219. package/dist/error/NativeAuthError.mjs +1 -1
  220. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  221. package/dist/error/NestedAppAuthError.mjs +1 -1
  222. package/dist/event/EventHandler.mjs +1 -1
  223. package/dist/event/EventMessage.mjs +1 -1
  224. package/dist/event/EventType.mjs +1 -1
  225. package/dist/index.mjs +1 -1
  226. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  227. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  228. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  229. package/dist/interaction_client/PopupClient.mjs +1 -1
  230. package/dist/interaction_client/RedirectClient.mjs +1 -1
  231. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  232. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  233. package/dist/interaction_client/SilentIframeClient.d.ts +7 -0
  234. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  235. package/dist/interaction_client/SilentIframeClient.mjs +49 -3
  236. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  237. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  238. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  239. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  240. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  241. package/dist/naa/BridgeError.mjs +1 -1
  242. package/dist/naa/BridgeProxy.mjs +1 -1
  243. package/dist/naa/BridgeStatusCode.mjs +1 -1
  244. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  245. package/dist/navigation/NavigationClient.mjs +1 -1
  246. package/dist/network/FetchClient.mjs +1 -1
  247. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  248. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  249. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  250. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  251. package/dist/packageMetadata.d.ts +1 -1
  252. package/dist/packageMetadata.mjs +2 -2
  253. package/dist/protocol/Authorize.d.ts.map +1 -1
  254. package/dist/protocol/Authorize.mjs +5 -1
  255. package/dist/protocol/Authorize.mjs.map +1 -1
  256. package/dist/request/RequestHelpers.mjs +1 -1
  257. package/dist/response/ResponseHandler.mjs +1 -1
  258. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  259. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  260. package/dist/utils/BrowserConstants.mjs +1 -1
  261. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  262. package/dist/utils/BrowserUtils.mjs +1 -1
  263. package/dist/utils/Helpers.mjs +1 -1
  264. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  265. package/lib/custom-auth-path/msal-custom-auth.cjs +253 -68
  266. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  267. package/lib/custom-auth-path/msal-custom-auth.js +253 -68
  268. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  269. package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
  270. package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
  271. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +9 -0
  272. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  273. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  274. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +7 -0
  275. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  276. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  277. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  278. package/lib/msal-browser.cjs +261 -70
  279. package/lib/msal-browser.cjs.map +1 -1
  280. package/lib/msal-browser.js +261 -70
  281. package/lib/msal-browser.js.map +1 -1
  282. package/lib/msal-browser.min.js +64 -64
  283. package/lib/types/config/Configuration.d.ts +7 -0
  284. package/lib/types/config/Configuration.d.ts.map +1 -1
  285. package/lib/types/controllers/StandardController.d.ts +9 -0
  286. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  287. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  288. package/lib/types/interaction_client/SilentIframeClient.d.ts +7 -0
  289. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  290. package/lib/types/packageMetadata.d.ts +1 -1
  291. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  292. package/package.json +2 -2
  293. package/src/config/Configuration.ts +8 -0
  294. package/src/controllers/StandardController.ts +92 -0
  295. package/src/interaction_client/SilentIframeClient.ts +136 -0
  296. package/src/packageMetadata.ts +1 -1
  297. package/src/protocol/Authorize.ts +14 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.28.1 2026-01-17 */
1
+ /*! @azure/msal-browser v4.29.0 2026-02-23 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.14.1 2026-01-17 */
5
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -279,7 +279,7 @@ const JsonWebTokenTypes = {
279
279
  // Token renewal offset default in seconds
280
280
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
281
281
 
282
- /*! @azure/msal-common v15.14.1 2026-01-17 */
282
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
283
283
  /*
284
284
  * Copyright (c) Microsoft Corporation. All rights reserved.
285
285
  * Licensed under the MIT License.
@@ -296,7 +296,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
296
296
  unexpectedError: unexpectedError
297
297
  });
298
298
 
299
- /*! @azure/msal-common v15.14.1 2026-01-17 */
299
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
300
300
 
301
301
  /*
302
302
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -345,7 +345,7 @@ function createAuthError(code, additionalMessage) {
345
345
  : AuthErrorMessages[code]);
346
346
  }
347
347
 
348
- /*! @azure/msal-common v15.14.1 2026-01-17 */
348
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
349
349
  /*
350
350
  * Copyright (c) Microsoft Corporation. All rights reserved.
351
351
  * Licensed under the MIT License.
@@ -445,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
445
445
  userTimeoutReached: userTimeoutReached
446
446
  });
447
447
 
448
- /*! @azure/msal-common v15.14.1 2026-01-17 */
448
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
449
449
 
450
450
  /*
451
451
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -702,7 +702,7 @@ function createClientAuthError(errorCode, additionalMessage) {
702
702
  return new ClientAuthError(errorCode, additionalMessage);
703
703
  }
704
704
 
705
- /*! @azure/msal-common v15.14.1 2026-01-17 */
705
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
706
706
 
707
707
  /*
708
708
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -741,7 +741,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
741
741
  },
742
742
  };
743
743
 
744
- /*! @azure/msal-common v15.14.1 2026-01-17 */
744
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
745
745
 
746
746
  /*
747
747
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -932,12 +932,12 @@ class Logger {
932
932
  }
933
933
  }
934
934
 
935
- /*! @azure/msal-common v15.14.1 2026-01-17 */
935
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
936
936
  /* eslint-disable header/header */
937
937
  const name$1 = "@azure/msal-common";
938
- const version$1 = "15.14.1";
938
+ const version$1 = "15.15.0";
939
939
 
940
- /*! @azure/msal-common v15.14.1 2026-01-17 */
940
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
941
941
  /*
942
942
  * Copyright (c) Microsoft Corporation. All rights reserved.
943
943
  * Licensed under the MIT License.
@@ -957,7 +957,7 @@ const AzureCloudInstance = {
957
957
  AzureUsGovernment: "https://login.microsoftonline.us",
958
958
  };
959
959
 
960
- /*! @azure/msal-common v15.14.1 2026-01-17 */
960
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
961
961
  /*
962
962
  * Copyright (c) Microsoft Corporation. All rights reserved.
963
963
  * Licensed under the MIT License.
@@ -1015,7 +1015,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
1015
1015
  urlParseError: urlParseError
1016
1016
  });
1017
1017
 
1018
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1018
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1019
1019
 
1020
1020
  /*
1021
1021
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1163,7 +1163,7 @@ function createClientConfigurationError(errorCode) {
1163
1163
  return new ClientConfigurationError(errorCode);
1164
1164
  }
1165
1165
 
1166
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1166
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1167
1167
  /*
1168
1168
  * Copyright (c) Microsoft Corporation. All rights reserved.
1169
1169
  * Licensed under the MIT License.
@@ -1260,7 +1260,7 @@ class StringUtils {
1260
1260
  }
1261
1261
  }
1262
1262
 
1263
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1263
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1264
1264
 
1265
1265
  /*
1266
1266
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1455,7 +1455,7 @@ class ScopeSet {
1455
1455
  }
1456
1456
  }
1457
1457
 
1458
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1458
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1459
1459
 
1460
1460
  /*
1461
1461
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1495,7 +1495,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1495
1495
  };
1496
1496
  }
1497
1497
 
1498
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1498
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1499
1499
  /*
1500
1500
  * Copyright (c) Microsoft Corporation. All rights reserved.
1501
1501
  * Licensed under the MIT License.
@@ -1577,7 +1577,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1577
1577
  return updatedAccountInfo;
1578
1578
  }
1579
1579
 
1580
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1580
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1581
1581
  /*
1582
1582
  * Copyright (c) Microsoft Corporation. All rights reserved.
1583
1583
  * Licensed under the MIT License.
@@ -1592,7 +1592,7 @@ const AuthorityType = {
1592
1592
  Ciam: 3,
1593
1593
  };
1594
1594
 
1595
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1595
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1596
1596
  /*
1597
1597
  * Copyright (c) Microsoft Corporation. All rights reserved.
1598
1598
  * Licensed under the MIT License.
@@ -1614,7 +1614,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
1614
1614
  return null;
1615
1615
  }
1616
1616
 
1617
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1617
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1618
1618
  /*
1619
1619
  * Copyright (c) Microsoft Corporation. All rights reserved.
1620
1620
  * Licensed under the MIT License.
@@ -1638,7 +1638,7 @@ const ProtocolMode = {
1638
1638
  EAR: "EAR",
1639
1639
  };
1640
1640
 
1641
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1641
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1642
1642
 
1643
1643
  /*
1644
1644
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1873,7 +1873,7 @@ class AccountEntity {
1873
1873
  }
1874
1874
  }
1875
1875
 
1876
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1876
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1877
1877
 
1878
1878
  /*
1879
1879
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1954,7 +1954,7 @@ function checkMaxAge(authTime, maxAge) {
1954
1954
  }
1955
1955
  }
1956
1956
 
1957
- /*! @azure/msal-common v15.14.1 2026-01-17 */
1957
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1958
1958
 
1959
1959
  /*
1960
1960
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2070,7 +2070,7 @@ function normalizeUrlForComparison(url) {
2070
2070
  }
2071
2071
  }
2072
2072
 
2073
- /*! @azure/msal-common v15.14.1 2026-01-17 */
2073
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2074
2074
 
2075
2075
  /*
2076
2076
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2234,7 +2234,7 @@ class UrlString {
2234
2234
  }
2235
2235
  }
2236
2236
 
2237
- /*! @azure/msal-common v15.14.1 2026-01-17 */
2237
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2238
2238
 
2239
2239
  /*
2240
2240
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2263,6 +2263,27 @@ const rawMetdataJSON = {
2263
2263
  authorization_endpoint: "https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/authorize",
2264
2264
  end_session_endpoint: "https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/logout",
2265
2265
  },
2266
+ "login.sovcloud-identity.fr": {
2267
+ token_endpoint: "https://login.sovcloud-identity.fr/{tenantid}/oauth2/v2.0/token",
2268
+ jwks_uri: "https://login.sovcloud-identity.fr/{tenantid}/discovery/v2.0/keys",
2269
+ issuer: "https://login.sovcloud-identity.fr/{tenantid}/v2.0",
2270
+ authorization_endpoint: "https://login.sovcloud-identity.fr/{tenantid}/oauth2/v2.0/authorize",
2271
+ end_session_endpoint: "https://login.sovcloud-identity.fr/{tenantid}/oauth2/v2.0/logout",
2272
+ },
2273
+ "login.sovcloud-identity.de": {
2274
+ token_endpoint: "https://login.sovcloud-identity.de/{tenantid}/oauth2/v2.0/token",
2275
+ jwks_uri: "https://login.sovcloud-identity.de/{tenantid}/discovery/v2.0/keys",
2276
+ issuer: "https://login.sovcloud-identity.de/{tenantid}/v2.0",
2277
+ authorization_endpoint: "https://login.sovcloud-identity.de/{tenantid}/oauth2/v2.0/authorize",
2278
+ end_session_endpoint: "https://login.sovcloud-identity.de/{tenantid}/oauth2/v2.0/logout",
2279
+ },
2280
+ "login.sovcloud-identity.sg": {
2281
+ token_endpoint: "https://login.sovcloud-identity.sg/common/oauth2/v2.0/token",
2282
+ jwks_uri: "https://login.sovcloud-identity.sg/common/discovery/v2.0/keys",
2283
+ issuer: "https://login.sovcloud-identity.sg/{tenantid}/v2.0",
2284
+ authorization_endpoint: "https://login.sovcloud-identity.sg/common/oauth2/v2.0/authorize",
2285
+ end_session_endpoint: "https://login.sovcloud-identity.sg/common/oauth2/v2.0/logout",
2286
+ },
2266
2287
  },
2267
2288
  instanceDiscoveryMetadata: {
2268
2289
  metadata: [
@@ -2302,6 +2323,21 @@ const rawMetdataJSON = {
2302
2323
  preferred_cache: "login-us.microsoftonline.com",
2303
2324
  aliases: ["login-us.microsoftonline.com"],
2304
2325
  },
2326
+ {
2327
+ preferred_network: "login.sovcloud-identity.fr",
2328
+ preferred_cache: "login.sovcloud-identity.fr",
2329
+ aliases: ["login.sovcloud-identity.fr"],
2330
+ },
2331
+ {
2332
+ preferred_network: "login.sovcloud-identity.de",
2333
+ preferred_cache: "login.sovcloud-identity.de",
2334
+ aliases: ["login.sovcloud-identity.de"],
2335
+ },
2336
+ {
2337
+ preferred_network: "login.sovcloud-identity.sg",
2338
+ preferred_cache: "login.sovcloud-identity.sg",
2339
+ aliases: ["login.sovcloud-identity.sg"],
2340
+ },
2305
2341
  ],
2306
2342
  },
2307
2343
  };
@@ -2373,7 +2409,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2373
2409
  return null;
2374
2410
  }
2375
2411
 
2376
- /*! @azure/msal-common v15.14.1 2026-01-17 */
2412
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2377
2413
  /*
2378
2414
  * Copyright (c) Microsoft Corporation. All rights reserved.
2379
2415
  * Licensed under the MIT License.
@@ -2381,7 +2417,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2381
2417
  const cacheQuotaExceeded = "cache_quota_exceeded";
2382
2418
  const cacheErrorUnknown = "cache_error_unknown";
2383
2419
 
2384
- /*! @azure/msal-common v15.14.1 2026-01-17 */
2420
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2385
2421
 
2386
2422
  /*
2387
2423
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2426,7 +2462,7 @@ function createCacheError(e) {
2426
2462
  }
2427
2463
  }
2428
2464
 
2429
- /*! @azure/msal-common v15.14.1 2026-01-17 */
2465
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2430
2466
 
2431
2467
  /*
2432
2468
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3537,7 +3573,7 @@ class DefaultStorageClass extends CacheManager {
3537
3573
  }
3538
3574
  }
3539
3575
 
3540
- /*! @azure/msal-common v15.14.1 2026-01-17 */
3576
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
3541
3577
  /*
3542
3578
  * Copyright (c) Microsoft Corporation. All rights reserved.
3543
3579
  * Licensed under the MIT License.
@@ -3799,6 +3835,11 @@ const PerformanceEvents = {
3799
3835
  LoadIdToken: "loadIdToken",
3800
3836
  LoadAccessToken: "loadAccessToken",
3801
3837
  LoadRefreshToken: "loadRefreshToken",
3838
+ /**
3839
+ * SSO capability verification call (msal-browser).
3840
+ * Fire-and-forget SSO verification call made after interactive authentication completes.
3841
+ */
3842
+ SsoCapable: "ssoCapable",
3802
3843
  };
3803
3844
  const PerformanceEventAbbreviations = new Map([
3804
3845
  [PerformanceEvents.AcquireTokenByCode, "ATByCode"],
@@ -4026,6 +4067,7 @@ const PerformanceEventAbbreviations = new Map([
4026
4067
  [PerformanceEvents.Decrypt, "decrypt"],
4027
4068
  [PerformanceEvents.GenerateEarKey, "genEarKey"],
4028
4069
  [PerformanceEvents.DecryptEarResponse, "decryptEarResp"],
4070
+ [PerformanceEvents.SsoCapable, "SsoCapable"],
4029
4071
  ]);
4030
4072
  /**
4031
4073
  * State of the performance event.
@@ -4064,7 +4106,7 @@ const IntFields = new Set([
4064
4106
  "upgradedCacheCount",
4065
4107
  ]);
4066
4108
 
4067
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4109
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4068
4110
 
4069
4111
  /*
4070
4112
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4143,7 +4185,7 @@ class StubPerformanceClient {
4143
4185
  }
4144
4186
  }
4145
4187
 
4146
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4188
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4147
4189
 
4148
4190
  /*
4149
4191
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4243,7 +4285,7 @@ function isOidcProtocolMode(config) {
4243
4285
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
4244
4286
  }
4245
4287
 
4246
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4288
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4247
4289
  /*
4248
4290
  * Copyright (c) Microsoft Corporation. All rights reserved.
4249
4291
  * Licensed under the MIT License.
@@ -4253,7 +4295,7 @@ const CcsCredentialType = {
4253
4295
  UPN: "UPN",
4254
4296
  };
4255
4297
 
4256
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4298
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4257
4299
  /*
4258
4300
  * Copyright (c) Microsoft Corporation. All rights reserved.
4259
4301
  * Licensed under the MIT License.
@@ -4303,7 +4345,7 @@ const INSTANCE_AWARE = "instance_aware";
4303
4345
  const EAR_JWK = "ear_jwk";
4304
4346
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4305
4347
 
4306
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4348
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4307
4349
 
4308
4350
  /*
4309
4351
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4683,7 +4725,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
4683
4725
  });
4684
4726
  }
4685
4727
 
4686
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4728
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4687
4729
  /*
4688
4730
  * Copyright (c) Microsoft Corporation. All rights reserved.
4689
4731
  * Licensed under the MIT License.
@@ -4695,7 +4737,7 @@ function isOpenIdConfigResponse(response) {
4695
4737
  response.hasOwnProperty("jwks_uri"));
4696
4738
  }
4697
4739
 
4698
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4740
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4699
4741
  /*
4700
4742
  * Copyright (c) Microsoft Corporation. All rights reserved.
4701
4743
  * Licensed under the MIT License.
@@ -4705,7 +4747,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4705
4747
  response.hasOwnProperty("metadata"));
4706
4748
  }
4707
4749
 
4708
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4750
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4709
4751
  /*
4710
4752
  * Copyright (c) Microsoft Corporation. All rights reserved.
4711
4753
  * Licensed under the MIT License.
@@ -4715,7 +4757,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
4715
4757
  response.hasOwnProperty("error_description"));
4716
4758
  }
4717
4759
 
4718
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4760
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4719
4761
  /*
4720
4762
  * Copyright (c) Microsoft Corporation. All rights reserved.
4721
4763
  * Licensed under the MIT License.
@@ -4811,7 +4853,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4811
4853
  };
4812
4854
  };
4813
4855
 
4814
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4856
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4815
4857
 
4816
4858
  /*
4817
4859
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4917,7 +4959,7 @@ RegionDiscovery.IMDS_OPTIONS = {
4917
4959
  },
4918
4960
  };
4919
4961
 
4920
- /*! @azure/msal-common v15.14.1 2026-01-17 */
4962
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4921
4963
  /*
4922
4964
  * Copyright (c) Microsoft Corporation. All rights reserved.
4923
4965
  * Licensed under the MIT License.
@@ -4982,7 +5024,7 @@ function wasClockTurnedBack(cachedAt) {
4982
5024
  return cachedAtSec > nowSeconds();
4983
5025
  }
4984
5026
 
4985
- /*! @azure/msal-common v15.14.1 2026-01-17 */
5027
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4986
5028
 
4987
5029
  /*
4988
5030
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5244,7 +5286,7 @@ function isAuthorityMetadataExpired(metadata) {
5244
5286
  return metadata.expiresAt <= nowSeconds();
5245
5287
  }
5246
5288
 
5247
- /*! @azure/msal-common v15.14.1 2026-01-17 */
5289
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
5248
5290
 
5249
5291
  /*
5250
5292
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6083,7 +6125,7 @@ function buildStaticAuthorityOptions(authOptions) {
6083
6125
  };
6084
6126
  }
6085
6127
 
6086
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6128
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6087
6129
 
6088
6130
  /*
6089
6131
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6114,7 +6156,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
6114
6156
  }
6115
6157
  }
6116
6158
 
6117
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6159
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6118
6160
 
6119
6161
  /*
6120
6162
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6133,7 +6175,7 @@ class ServerError extends AuthError {
6133
6175
  }
6134
6176
  }
6135
6177
 
6136
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6178
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6137
6179
  /*
6138
6180
  * Copyright (c) Microsoft Corporation. All rights reserved.
6139
6181
  * Licensed under the MIT License.
@@ -6154,7 +6196,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
6154
6196
  };
6155
6197
  }
6156
6198
 
6157
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6199
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6158
6200
 
6159
6201
  /*
6160
6202
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6241,7 +6283,7 @@ class ThrottlingUtils {
6241
6283
  }
6242
6284
  }
6243
6285
 
6244
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6286
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6245
6287
 
6246
6288
  /*
6247
6289
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6272,7 +6314,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
6272
6314
  return new NetworkError(error, httpStatus, responseHeaders);
6273
6315
  }
6274
6316
 
6275
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6317
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6276
6318
 
6277
6319
  /*
6278
6320
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6420,27 +6462,63 @@ class BaseClient {
6420
6462
  }
6421
6463
  }
6422
6464
 
6423
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6465
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6424
6466
  /*
6425
6467
  * Copyright (c) Microsoft Corporation. All rights reserved.
6426
6468
  * Licensed under the MIT License.
6427
6469
  */
6428
- // Codes defined by MSAL
6470
+ /**
6471
+ * MSAL-defined interaction required error code indicating no tokens are found in cache.
6472
+ * @public
6473
+ */
6429
6474
  const noTokensFound = "no_tokens_found";
6475
+ /**
6476
+ * MSAL-defined error code indicating a native account is unavailable on the platform.
6477
+ * @public
6478
+ */
6430
6479
  const nativeAccountUnavailable = "native_account_unavailable";
6480
+ /**
6481
+ * MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
6482
+ * @public
6483
+ */
6431
6484
  const refreshTokenExpired = "refresh_token_expired";
6485
+ /**
6486
+ * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
6487
+ * @public
6488
+ */
6432
6489
  const uxNotAllowed = "ux_not_allowed";
6433
- // Codes potentially returned by server
6490
+ /**
6491
+ * Server-originated error code indicating interaction is required to complete the request.
6492
+ * @public
6493
+ */
6434
6494
  const interactionRequired = "interaction_required";
6495
+ /**
6496
+ * Server-originated error code indicating user consent is required.
6497
+ * @public
6498
+ */
6435
6499
  const consentRequired = "consent_required";
6500
+ /**
6501
+ * Server-originated error code indicating user login is required.
6502
+ * @public
6503
+ */
6436
6504
  const loginRequired = "login_required";
6437
- const badToken = "bad_token";
6505
+ /**
6506
+ * Server-originated error code indicating the token is invalid or corrupted.
6507
+ * @public
6508
+ */
6509
+ const badToken = "bad_token";
6510
+ /**
6511
+ * Server-originated error code indicating the user was interrupted and must reattempt the flow.
6512
+ * @public
6513
+ */
6514
+ const interruptedUser = "interrupted_user";
6438
6515
 
6439
6516
  var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6440
6517
  __proto__: null,
6441
6518
  badToken: badToken,
6442
6519
  consentRequired: consentRequired,
6443
6520
  interactionRequired: interactionRequired,
6521
+ interruptedUser: interruptedUser,
6444
6522
  loginRequired: loginRequired,
6445
6523
  nativeAccountUnavailable: nativeAccountUnavailable,
6446
6524
  noTokensFound: noTokensFound,
@@ -6448,7 +6526,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6448
6526
  uxNotAllowed: uxNotAllowed
6449
6527
  });
6450
6528
 
6451
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6529
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6452
6530
 
6453
6531
  /*
6454
6532
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6463,6 +6541,7 @@ const InteractionRequiredServerErrorMessage = [
6463
6541
  loginRequired,
6464
6542
  badToken,
6465
6543
  uxNotAllowed,
6544
+ interruptedUser,
6466
6545
  ];
6467
6546
  const InteractionRequiredAuthSubErrorMessage = [
6468
6547
  "message_only",
@@ -6471,6 +6550,7 @@ const InteractionRequiredAuthSubErrorMessage = [
6471
6550
  "user_password_expired",
6472
6551
  "consent_required",
6473
6552
  "bad_token",
6553
+ "interrupted_user",
6474
6554
  ];
6475
6555
  const InteractionRequiredAuthErrorMessages = {
6476
6556
  [noTokensFound]: "No refresh token found in the cache. Please sign-in.",
@@ -6478,6 +6558,7 @@ const InteractionRequiredAuthErrorMessages = {
6478
6558
  [refreshTokenExpired]: "Refresh token has expired.",
6479
6559
  [badToken]: "Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve.",
6480
6560
  [uxNotAllowed]: "`canShowUI` flag in Edge was set to false. User interaction required on web page. Please invoke an interactive API to resolve.",
6561
+ [interruptedUser]: "The user could not be authenticated due to an interrupted state. Please invoke an interactive API to resolve.",
6481
6562
  };
6482
6563
  /**
6483
6564
  * Interaction required errors defined by the SDK
@@ -6496,6 +6577,10 @@ const InteractionRequiredAuthErrorMessage = {
6496
6577
  code: badToken,
6497
6578
  desc: InteractionRequiredAuthErrorMessages[badToken],
6498
6579
  },
6580
+ interrupted_user: {
6581
+ code: interruptedUser,
6582
+ desc: InteractionRequiredAuthErrorMessages[interruptedUser],
6583
+ },
6499
6584
  };
6500
6585
  /**
6501
6586
  * Error thrown when user interaction is required.
@@ -6538,7 +6623,7 @@ function createInteractionRequiredAuthError(errorCode) {
6538
6623
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6539
6624
  }
6540
6625
 
6541
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6626
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6542
6627
 
6543
6628
  /*
6544
6629
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6610,7 +6695,7 @@ class ProtocolUtils {
6610
6695
  }
6611
6696
  }
6612
6697
 
6613
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6698
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6614
6699
 
6615
6700
  /*
6616
6701
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6692,7 +6777,7 @@ class PopTokenGenerator {
6692
6777
  }
6693
6778
  }
6694
6779
 
6695
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6780
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6696
6781
  /*
6697
6782
  * Copyright (c) Microsoft Corporation. All rights reserved.
6698
6783
  * Licensed under the MIT License.
@@ -6719,7 +6804,7 @@ class PopTokenGenerator {
6719
6804
  }
6720
6805
  }
6721
6806
 
6722
- /*! @azure/msal-common v15.14.1 2026-01-17 */
6807
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6723
6808
 
6724
6809
  /*
6725
6810
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7058,7 +7143,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
7058
7143
  return baseAccount;
7059
7144
  }
7060
7145
 
7061
- /*! @azure/msal-common v15.14.1 2026-01-17 */
7146
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7062
7147
  /*
7063
7148
  * Copyright (c) Microsoft Corporation. All rights reserved.
7064
7149
  * Licensed under the MIT License.
@@ -7076,7 +7161,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
7076
7161
  }
7077
7162
  }
7078
7163
 
7079
- /*! @azure/msal-common v15.14.1 2026-01-17 */
7164
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7080
7165
 
7081
7166
  /*
7082
7167
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7312,7 +7397,7 @@ class AuthorizationCodeClient extends BaseClient {
7312
7397
  }
7313
7398
  }
7314
7399
 
7315
- /*! @azure/msal-common v15.14.1 2026-01-17 */
7400
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7316
7401
 
7317
7402
  /*
7318
7403
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7524,7 +7609,7 @@ class RefreshTokenClient extends BaseClient {
7524
7609
  }
7525
7610
  }
7526
7611
 
7527
- /*! @azure/msal-common v15.14.1 2026-01-17 */
7612
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7528
7613
 
7529
7614
  /*
7530
7615
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7622,7 +7707,7 @@ class SilentFlowClient extends BaseClient {
7622
7707
  }
7623
7708
  }
7624
7709
 
7625
- /*! @azure/msal-common v15.14.1 2026-01-17 */
7710
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7626
7711
 
7627
7712
  /*
7628
7713
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7637,7 +7722,7 @@ const StubbedNetworkModule = {
7637
7722
  },
7638
7723
  };
7639
7724
 
7640
- /*! @azure/msal-common v15.14.1 2026-01-17 */
7725
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7641
7726
 
7642
7727
  /*
7643
7728
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7861,7 +7946,7 @@ function extractLoginHint(account) {
7861
7946
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7862
7947
  }
7863
7948
 
7864
- /*! @azure/msal-common v15.14.1 2026-01-17 */
7949
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7865
7950
 
7866
7951
  /*
7867
7952
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7919,7 +8004,7 @@ class AuthenticationHeaderParser {
7919
8004
  }
7920
8005
  }
7921
8006
 
7922
- /*! @azure/msal-common v15.14.1 2026-01-17 */
8007
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7923
8008
 
7924
8009
  /*
7925
8010
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8182,7 +8267,7 @@ class ServerTelemetryManager {
8182
8267
  }
8183
8268
  }
8184
8269
 
8185
- /*! @azure/msal-common v15.14.1 2026-01-17 */
8270
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
8186
8271
  /*
8187
8272
  * Copyright (c) Microsoft Corporation. All rights reserved.
8188
8273
  * Licensed under the MIT License.
@@ -8190,7 +8275,7 @@ class ServerTelemetryManager {
8190
8275
  const missingKidError = "missing_kid_error";
8191
8276
  const missingAlgError = "missing_alg_error";
8192
8277
 
8193
- /*! @azure/msal-common v15.14.1 2026-01-17 */
8278
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
8194
8279
 
8195
8280
  /*
8196
8281
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8215,7 +8300,7 @@ function createJoseHeaderError(code) {
8215
8300
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8216
8301
  }
8217
8302
 
8218
- /*! @azure/msal-common v15.14.1 2026-01-17 */
8303
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
8219
8304
 
8220
8305
  /*
8221
8306
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8255,7 +8340,7 @@ class JoseHeader {
8255
8340
  }
8256
8341
  }
8257
8342
 
8258
- /*! @azure/msal-common v15.14.1 2026-01-17 */
8343
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
8259
8344
 
8260
8345
  /*
8261
8346
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10308,6 +10393,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10308
10393
  supportsNestedAppAuth: false,
10309
10394
  instanceAware: false,
10310
10395
  encodeExtraQueryParams: false,
10396
+ verifySSO: false,
10311
10397
  };
10312
10398
  // Default cache options for browser
10313
10399
  const DEFAULT_CACHE_OPTIONS = {
@@ -10396,7 +10482,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10396
10482
 
10397
10483
  /* eslint-disable header/header */
10398
10484
  const name = "@azure/msal-browser";
10399
- const version = "4.28.1";
10485
+ const version = "4.29.0";
10400
10486
 
10401
10487
  /*
10402
10488
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -14893,6 +14979,8 @@ async function getEARForm(frame, config, authority, request, logger, performance
14893
14979
  addCodeChallengeParams(parameters, request.codeChallenge, Constants.S256_CODE_CHALLENGE_METHOD);
14894
14980
  const queryParams = new Map();
14895
14981
  addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
14982
+ // Add correlationId to query params so gateway can propagate it to IDPs
14983
+ addCorrelationId(queryParams, request.correlationId);
14896
14984
  const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
14897
14985
  return createForm(frame, url, parameters);
14898
14986
  }
@@ -14906,6 +14994,8 @@ async function getCodeForm(frame, config, authority, request, logger, performanc
14906
14994
  addPostBodyParameters(parameters, request.authorizePostBodyParameters || {});
14907
14995
  const queryParams = new Map();
14908
14996
  addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
14997
+ // Add correlationId to query params so gateway can propagate it to IDPs
14998
+ addCorrelationId(queryParams, request.correlationId);
14909
14999
  const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
14910
15000
  return createForm(frame, url, parameters);
14911
15001
  }
@@ -16777,6 +16867,52 @@ class SilentIframeClient extends StandardInteractionClient {
16777
16867
  return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(silentRequest, serverParams, this.apiId, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
16778
16868
  }
16779
16869
  }
16870
+ /**
16871
+ * Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
16872
+ * This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
16873
+ * @param request - The SSO silent request
16874
+ * @returns true if SSO verification was successful with a valid authorization code, false otherwise
16875
+ */
16876
+ async verifySso(request) {
16877
+ this.performanceClient.addQueueMeasurement(PerformanceEvents.SilentIframeClientAcquireToken, request.correlationId);
16878
+ const inputRequest = { ...request };
16879
+ if (!inputRequest.prompt) {
16880
+ inputRequest.prompt = PromptValue.NONE;
16881
+ }
16882
+ // Create silent request
16883
+ const silentRequest = await invokeAsync(this.initializeAuthorizationRequest.bind(this), PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.logger, this.performanceClient, request.correlationId)(inputRequest, exports.InteractionType.Silent);
16884
+ const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, request.correlationId)({
16885
+ serverTelemetryManager: this.initializeServerTelemetryManager(this.apiId),
16886
+ requestAuthority: silentRequest.authority,
16887
+ requestAzureCloudOptions: silentRequest.azureCloudOptions,
16888
+ requestExtraQueryParameters: silentRequest.extraQueryParameters,
16889
+ account: silentRequest.account,
16890
+ });
16891
+ const correlationId = silentRequest.correlationId;
16892
+ const pkceCodes = await invokeAsync(generatePkceCodes, PerformanceEvents.GeneratePkceCodes, this.logger, this.performanceClient, correlationId)(this.performanceClient, this.logger, correlationId);
16893
+ const requestWithPkce = {
16894
+ ...silentRequest,
16895
+ codeChallenge: pkceCodes.challenge,
16896
+ };
16897
+ // Create authorize request url
16898
+ const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, requestWithPkce, this.logger, this.performanceClient);
16899
+ // Get the frame handle for the silent request - this triggers the SSO verification
16900
+ const msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
16901
+ const responseType = this.config.auth.OIDCOptions.serverResponseType;
16902
+ // Monitor the iframe for the response
16903
+ const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
16904
+ // Deserialize the response
16905
+ const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger);
16906
+ // Validate the response - this checks for errors and validates state
16907
+ validateAuthorizationResponse(serverParams, silentRequest.state);
16908
+ // Verify a valid authorization code is present
16909
+ if (!serverParams.code) {
16910
+ this.logger.warning("SSO verification response did not contain an authorization code", correlationId);
16911
+ return false;
16912
+ }
16913
+ this.logger.verbose("SSO verification completed successfully with valid authorization code - skipped token exchange", correlationId);
16914
+ return true;
16915
+ }
16780
16916
  /**
16781
16917
  * Currently Unsupported
16782
16918
  */
@@ -17427,6 +17563,8 @@ class StandardController {
17427
17563
  rootMeasurement.end({
17428
17564
  success: true,
17429
17565
  }, undefined, result.account);
17566
+ // Fire-and-forget SSO capability verification in background
17567
+ this.verifySsoCapability(result.account, exports.InteractionType.Redirect);
17430
17568
  }
17431
17569
  else {
17432
17570
  /*
@@ -17659,6 +17797,8 @@ class StandardController {
17659
17797
  accessTokenSize: result.accessToken.length,
17660
17798
  idTokenSize: result.idToken.length,
17661
17799
  }, undefined, result.account);
17800
+ // SSO capability verification in background
17801
+ this.verifySsoCapability(result.account, exports.InteractionType.Popup);
17662
17802
  return result;
17663
17803
  })
17664
17804
  .catch((e) => {
@@ -17692,6 +17832,53 @@ class StandardController {
17692
17832
  visibilityChangeCount: 1,
17693
17833
  });
17694
17834
  }
17835
+ /**
17836
+ * SSO capability verification in the background.
17837
+ * This method makes an iframe request to /authorize to verify SSO capability without calling /token.
17838
+ * This method does not block the caller and tracks telemetry for success/failure.
17839
+ * This method only executes if verifySSO is set to true in the auth configuration.
17840
+ * @param account - The account to use for the SSO verification
17841
+ * @param parentApi - The API ID of the parent operation for logging purposes
17842
+ */
17843
+ verifySsoCapability(account, parentApi) {
17844
+ // Check if SSO capability verification is enabled
17845
+ if (!this.config.auth.verifySSO) {
17846
+ return;
17847
+ }
17848
+ const correlationId = this.browserCrypto.createNewGuid();
17849
+ const ssoCapableMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.SsoCapable, correlationId);
17850
+ ssoCapableMeasurement.add({
17851
+ parentApi: parentApi,
17852
+ });
17853
+ this.logger.verbose(`SSO capability verification initiated after ${parentApi}`, correlationId);
17854
+ /*
17855
+ * Use setTimeout to ensure this runs in a separate macrotask after the current call stack completes
17856
+ * This ensures the result is returned to the caller before the SSO verification starts and doesn't affect performance
17857
+ */
17858
+ setTimeout(() => {
17859
+ const ssoVerificationRequest = {
17860
+ account: account,
17861
+ correlationId: correlationId,
17862
+ };
17863
+ const silentIframeClient = this.createSilentIframeClient(correlationId);
17864
+ silentIframeClient
17865
+ .verifySso(ssoVerificationRequest)
17866
+ .then((success) => {
17867
+ this.logger.verbose(`SSO capability verification completed after ${parentApi}, success: ${success}`, correlationId);
17868
+ ssoCapableMeasurement.end({
17869
+ fromCache: false,
17870
+ success: success,
17871
+ }, undefined, account);
17872
+ })
17873
+ .catch((error) => {
17874
+ this.logger.warning(`SSO capability verification failed after ${parentApi}: ${error.message}`, correlationId);
17875
+ ssoCapableMeasurement.end({
17876
+ fromCache: false,
17877
+ success: false,
17878
+ }, error, account);
17879
+ });
17880
+ }, 0);
17881
+ }
17695
17882
  // #endregion
17696
17883
  // #region Silent Flow
17697
17884
  /**
@@ -18457,6 +18644,10 @@ class StandardController {
18457
18644
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
18458
18645
  const shouldTryToResolveSilently = checkIfRefreshTokenErrorCanBeResolvedSilently(refreshTokenError, cacheLookupPolicy);
18459
18646
  if (shouldTryToResolveSilently) {
18647
+ const silentRefreshReason = `${refreshTokenError.errorCode}${refreshTokenError.subError
18648
+ ? `|${refreshTokenError.subError}`
18649
+ : ""}`;
18650
+ this.performanceClient.addFields({ silentRefreshReason }, silentRequest.correlationId);
18460
18651
  if (!this.activeIframeRequest) {
18461
18652
  let _resolve;
18462
18653
  // Always set the active request tracker immediately after checking it to prevent races