@azure/msal-browser 4.28.2 → 4.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (290) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  8. package/dist/cache/AccountManager.mjs +1 -1
  9. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  10. package/dist/cache/BrowserCacheManager.mjs +1 -1
  11. package/dist/cache/CacheHelpers.mjs +1 -1
  12. package/dist/cache/CacheKeys.mjs +1 -1
  13. package/dist/cache/CookieStorage.mjs +1 -1
  14. package/dist/cache/DatabaseStorage.mjs +1 -1
  15. package/dist/cache/EncryptedData.mjs +1 -1
  16. package/dist/cache/LocalStorage.mjs +1 -1
  17. package/dist/cache/MemoryStorage.mjs +1 -1
  18. package/dist/cache/SessionStorage.mjs +1 -1
  19. package/dist/cache/TokenCache.mjs +1 -1
  20. package/dist/config/Configuration.d.ts +7 -0
  21. package/dist/config/Configuration.d.ts.map +1 -1
  22. package/dist/config/Configuration.mjs +2 -1
  23. package/dist/config/Configuration.mjs.map +1 -1
  24. package/dist/controllers/ControllerFactory.mjs +1 -1
  25. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  26. package/dist/controllers/StandardController.d.ts +9 -0
  27. package/dist/controllers/StandardController.d.ts.map +1 -1
  28. package/dist/controllers/StandardController.mjs +56 -1
  29. package/dist/controllers/StandardController.mjs.map +1 -1
  30. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  31. package/dist/crypto/BrowserCrypto.mjs +1 -1
  32. package/dist/crypto/CryptoOps.mjs +1 -1
  33. package/dist/crypto/PkceGenerator.mjs +1 -1
  34. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  35. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  36. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  37. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  38. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  39. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  40. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  41. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  42. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  43. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  44. package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
  45. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  46. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  47. package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
  48. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  49. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  50. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  51. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  52. package/dist/custom-auth-path/config/Configuration.d.ts +7 -0
  53. package/dist/custom-auth-path/config/Configuration.d.ts.map +1 -1
  54. package/dist/custom-auth-path/config/Configuration.mjs +2 -1
  55. package/dist/custom-auth-path/config/Configuration.mjs.map +1 -1
  56. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  57. package/dist/custom-auth-path/controllers/StandardController.d.ts +9 -0
  58. package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
  59. package/dist/custom-auth-path/controllers/StandardController.mjs +56 -1
  60. package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
  61. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  62. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  63. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  65. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  141. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  142. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  143. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  144. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  145. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  146. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  147. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  148. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  149. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  150. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  151. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  152. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  153. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  154. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  155. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  156. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  157. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  158. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  159. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  160. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  161. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  162. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  163. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  164. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  165. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  166. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  167. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  168. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  169. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  170. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  171. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  172. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  173. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  174. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  175. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  176. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  177. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  178. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  179. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  180. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  181. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  182. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  183. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  184. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
  185. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
  186. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  187. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  188. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts +7 -0
  189. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  190. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +49 -3
  191. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  192. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  193. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
  194. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  195. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
  196. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  197. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  198. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  199. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  200. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  201. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  202. package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
  203. package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
  204. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  205. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  206. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  207. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  208. package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
  209. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  210. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  211. package/dist/encode/Base64Decode.mjs +1 -1
  212. package/dist/encode/Base64Encode.mjs +1 -1
  213. package/dist/error/BrowserAuthError.mjs +1 -1
  214. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  215. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  216. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  217. package/dist/error/NativeAuthError.mjs +1 -1
  218. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  219. package/dist/error/NestedAppAuthError.mjs +1 -1
  220. package/dist/event/EventHandler.mjs +1 -1
  221. package/dist/event/EventMessage.mjs +1 -1
  222. package/dist/event/EventType.mjs +1 -1
  223. package/dist/index.mjs +1 -1
  224. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  225. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  226. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  227. package/dist/interaction_client/PopupClient.mjs +1 -1
  228. package/dist/interaction_client/RedirectClient.mjs +1 -1
  229. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  230. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  231. package/dist/interaction_client/SilentIframeClient.d.ts +7 -0
  232. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  233. package/dist/interaction_client/SilentIframeClient.mjs +49 -3
  234. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  235. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  236. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  237. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  238. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  239. package/dist/naa/BridgeError.mjs +1 -1
  240. package/dist/naa/BridgeProxy.mjs +1 -1
  241. package/dist/naa/BridgeStatusCode.mjs +1 -1
  242. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  243. package/dist/navigation/NavigationClient.mjs +1 -1
  244. package/dist/network/FetchClient.mjs +1 -1
  245. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  246. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  247. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  248. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  249. package/dist/packageMetadata.d.ts +1 -1
  250. package/dist/packageMetadata.mjs +2 -2
  251. package/dist/protocol/Authorize.mjs +1 -1
  252. package/dist/request/RequestHelpers.mjs +1 -1
  253. package/dist/response/ResponseHandler.mjs +1 -1
  254. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  255. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  256. package/dist/utils/BrowserConstants.mjs +1 -1
  257. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  258. package/dist/utils/BrowserUtils.mjs +1 -1
  259. package/dist/utils/Helpers.mjs +1 -1
  260. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  261. package/lib/custom-auth-path/msal-custom-auth.cjs +213 -68
  262. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  263. package/lib/custom-auth-path/msal-custom-auth.js +213 -68
  264. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  265. package/lib/custom-auth-path/types/config/Configuration.d.ts +7 -0
  266. package/lib/custom-auth-path/types/config/Configuration.d.ts.map +1 -1
  267. package/lib/custom-auth-path/types/controllers/StandardController.d.ts +9 -0
  268. package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
  269. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  270. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts +7 -0
  271. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  272. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  273. package/lib/msal-browser.cjs +221 -70
  274. package/lib/msal-browser.cjs.map +1 -1
  275. package/lib/msal-browser.js +221 -70
  276. package/lib/msal-browser.js.map +1 -1
  277. package/lib/msal-browser.min.js +64 -64
  278. package/lib/types/config/Configuration.d.ts +7 -0
  279. package/lib/types/config/Configuration.d.ts.map +1 -1
  280. package/lib/types/controllers/StandardController.d.ts +9 -0
  281. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  282. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  283. package/lib/types/interaction_client/SilentIframeClient.d.ts +7 -0
  284. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  285. package/lib/types/packageMetadata.d.ts +1 -1
  286. package/package.json +2 -2
  287. package/src/config/Configuration.ts +8 -0
  288. package/src/controllers/StandardController.ts +92 -0
  289. package/src/interaction_client/SilentIframeClient.ts +136 -0
  290. package/src/packageMetadata.ts +1 -1
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.28.2 2026-02-10 */
1
+ /*! @azure/msal-browser v4.29.0 2026-02-23 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.14.2 2026-02-10 */
5
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -279,7 +279,7 @@ const JsonWebTokenTypes = {
279
279
  // Token renewal offset default in seconds
280
280
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
281
281
 
282
- /*! @azure/msal-common v15.14.2 2026-02-10 */
282
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
283
283
  /*
284
284
  * Copyright (c) Microsoft Corporation. All rights reserved.
285
285
  * Licensed under the MIT License.
@@ -296,7 +296,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
296
296
  unexpectedError: unexpectedError
297
297
  });
298
298
 
299
- /*! @azure/msal-common v15.14.2 2026-02-10 */
299
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
300
300
 
301
301
  /*
302
302
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -345,7 +345,7 @@ function createAuthError(code, additionalMessage) {
345
345
  : AuthErrorMessages[code]);
346
346
  }
347
347
 
348
- /*! @azure/msal-common v15.14.2 2026-02-10 */
348
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
349
349
  /*
350
350
  * Copyright (c) Microsoft Corporation. All rights reserved.
351
351
  * Licensed under the MIT License.
@@ -445,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
445
445
  userTimeoutReached: userTimeoutReached
446
446
  });
447
447
 
448
- /*! @azure/msal-common v15.14.2 2026-02-10 */
448
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
449
449
 
450
450
  /*
451
451
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -702,7 +702,7 @@ function createClientAuthError(errorCode, additionalMessage) {
702
702
  return new ClientAuthError(errorCode, additionalMessage);
703
703
  }
704
704
 
705
- /*! @azure/msal-common v15.14.2 2026-02-10 */
705
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
706
706
 
707
707
  /*
708
708
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -741,7 +741,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
741
741
  },
742
742
  };
743
743
 
744
- /*! @azure/msal-common v15.14.2 2026-02-10 */
744
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
745
745
 
746
746
  /*
747
747
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -932,12 +932,12 @@ class Logger {
932
932
  }
933
933
  }
934
934
 
935
- /*! @azure/msal-common v15.14.2 2026-02-10 */
935
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
936
936
  /* eslint-disable header/header */
937
937
  const name$1 = "@azure/msal-common";
938
- const version$1 = "15.14.2";
938
+ const version$1 = "15.15.0";
939
939
 
940
- /*! @azure/msal-common v15.14.2 2026-02-10 */
940
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
941
941
  /*
942
942
  * Copyright (c) Microsoft Corporation. All rights reserved.
943
943
  * Licensed under the MIT License.
@@ -957,7 +957,7 @@ const AzureCloudInstance = {
957
957
  AzureUsGovernment: "https://login.microsoftonline.us",
958
958
  };
959
959
 
960
- /*! @azure/msal-common v15.14.2 2026-02-10 */
960
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
961
961
  /*
962
962
  * Copyright (c) Microsoft Corporation. All rights reserved.
963
963
  * Licensed under the MIT License.
@@ -1015,7 +1015,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
1015
1015
  urlParseError: urlParseError
1016
1016
  });
1017
1017
 
1018
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1018
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1019
1019
 
1020
1020
  /*
1021
1021
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1163,7 +1163,7 @@ function createClientConfigurationError(errorCode) {
1163
1163
  return new ClientConfigurationError(errorCode);
1164
1164
  }
1165
1165
 
1166
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1166
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1167
1167
  /*
1168
1168
  * Copyright (c) Microsoft Corporation. All rights reserved.
1169
1169
  * Licensed under the MIT License.
@@ -1260,7 +1260,7 @@ class StringUtils {
1260
1260
  }
1261
1261
  }
1262
1262
 
1263
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1263
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1264
1264
 
1265
1265
  /*
1266
1266
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1455,7 +1455,7 @@ class ScopeSet {
1455
1455
  }
1456
1456
  }
1457
1457
 
1458
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1458
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1459
1459
 
1460
1460
  /*
1461
1461
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1495,7 +1495,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1495
1495
  };
1496
1496
  }
1497
1497
 
1498
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1498
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1499
1499
  /*
1500
1500
  * Copyright (c) Microsoft Corporation. All rights reserved.
1501
1501
  * Licensed under the MIT License.
@@ -1577,7 +1577,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1577
1577
  return updatedAccountInfo;
1578
1578
  }
1579
1579
 
1580
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1580
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1581
1581
  /*
1582
1582
  * Copyright (c) Microsoft Corporation. All rights reserved.
1583
1583
  * Licensed under the MIT License.
@@ -1592,7 +1592,7 @@ const AuthorityType = {
1592
1592
  Ciam: 3,
1593
1593
  };
1594
1594
 
1595
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1595
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1596
1596
  /*
1597
1597
  * Copyright (c) Microsoft Corporation. All rights reserved.
1598
1598
  * Licensed under the MIT License.
@@ -1614,7 +1614,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
1614
1614
  return null;
1615
1615
  }
1616
1616
 
1617
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1617
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1618
1618
  /*
1619
1619
  * Copyright (c) Microsoft Corporation. All rights reserved.
1620
1620
  * Licensed under the MIT License.
@@ -1638,7 +1638,7 @@ const ProtocolMode = {
1638
1638
  EAR: "EAR",
1639
1639
  };
1640
1640
 
1641
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1641
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1642
1642
 
1643
1643
  /*
1644
1644
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1873,7 +1873,7 @@ class AccountEntity {
1873
1873
  }
1874
1874
  }
1875
1875
 
1876
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1876
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1877
1877
 
1878
1878
  /*
1879
1879
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1954,7 +1954,7 @@ function checkMaxAge(authTime, maxAge) {
1954
1954
  }
1955
1955
  }
1956
1956
 
1957
- /*! @azure/msal-common v15.14.2 2026-02-10 */
1957
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
1958
1958
 
1959
1959
  /*
1960
1960
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2070,7 +2070,7 @@ function normalizeUrlForComparison(url) {
2070
2070
  }
2071
2071
  }
2072
2072
 
2073
- /*! @azure/msal-common v15.14.2 2026-02-10 */
2073
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2074
2074
 
2075
2075
  /*
2076
2076
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2234,7 +2234,7 @@ class UrlString {
2234
2234
  }
2235
2235
  }
2236
2236
 
2237
- /*! @azure/msal-common v15.14.2 2026-02-10 */
2237
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2238
2238
 
2239
2239
  /*
2240
2240
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2409,7 +2409,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2409
2409
  return null;
2410
2410
  }
2411
2411
 
2412
- /*! @azure/msal-common v15.14.2 2026-02-10 */
2412
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2413
2413
  /*
2414
2414
  * Copyright (c) Microsoft Corporation. All rights reserved.
2415
2415
  * Licensed under the MIT License.
@@ -2417,7 +2417,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2417
2417
  const cacheQuotaExceeded = "cache_quota_exceeded";
2418
2418
  const cacheErrorUnknown = "cache_error_unknown";
2419
2419
 
2420
- /*! @azure/msal-common v15.14.2 2026-02-10 */
2420
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2421
2421
 
2422
2422
  /*
2423
2423
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2462,7 +2462,7 @@ function createCacheError(e) {
2462
2462
  }
2463
2463
  }
2464
2464
 
2465
- /*! @azure/msal-common v15.14.2 2026-02-10 */
2465
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
2466
2466
 
2467
2467
  /*
2468
2468
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3573,7 +3573,7 @@ class DefaultStorageClass extends CacheManager {
3573
3573
  }
3574
3574
  }
3575
3575
 
3576
- /*! @azure/msal-common v15.14.2 2026-02-10 */
3576
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
3577
3577
  /*
3578
3578
  * Copyright (c) Microsoft Corporation. All rights reserved.
3579
3579
  * Licensed under the MIT License.
@@ -3835,6 +3835,11 @@ const PerformanceEvents = {
3835
3835
  LoadIdToken: "loadIdToken",
3836
3836
  LoadAccessToken: "loadAccessToken",
3837
3837
  LoadRefreshToken: "loadRefreshToken",
3838
+ /**
3839
+ * SSO capability verification call (msal-browser).
3840
+ * Fire-and-forget SSO verification call made after interactive authentication completes.
3841
+ */
3842
+ SsoCapable: "ssoCapable",
3838
3843
  };
3839
3844
  const PerformanceEventAbbreviations = new Map([
3840
3845
  [PerformanceEvents.AcquireTokenByCode, "ATByCode"],
@@ -4062,6 +4067,7 @@ const PerformanceEventAbbreviations = new Map([
4062
4067
  [PerformanceEvents.Decrypt, "decrypt"],
4063
4068
  [PerformanceEvents.GenerateEarKey, "genEarKey"],
4064
4069
  [PerformanceEvents.DecryptEarResponse, "decryptEarResp"],
4070
+ [PerformanceEvents.SsoCapable, "SsoCapable"],
4065
4071
  ]);
4066
4072
  /**
4067
4073
  * State of the performance event.
@@ -4100,7 +4106,7 @@ const IntFields = new Set([
4100
4106
  "upgradedCacheCount",
4101
4107
  ]);
4102
4108
 
4103
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4109
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4104
4110
 
4105
4111
  /*
4106
4112
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4179,7 +4185,7 @@ class StubPerformanceClient {
4179
4185
  }
4180
4186
  }
4181
4187
 
4182
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4188
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4183
4189
 
4184
4190
  /*
4185
4191
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4279,7 +4285,7 @@ function isOidcProtocolMode(config) {
4279
4285
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
4280
4286
  }
4281
4287
 
4282
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4288
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4283
4289
  /*
4284
4290
  * Copyright (c) Microsoft Corporation. All rights reserved.
4285
4291
  * Licensed under the MIT License.
@@ -4289,7 +4295,7 @@ const CcsCredentialType = {
4289
4295
  UPN: "UPN",
4290
4296
  };
4291
4297
 
4292
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4298
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4293
4299
  /*
4294
4300
  * Copyright (c) Microsoft Corporation. All rights reserved.
4295
4301
  * Licensed under the MIT License.
@@ -4339,7 +4345,7 @@ const INSTANCE_AWARE = "instance_aware";
4339
4345
  const EAR_JWK = "ear_jwk";
4340
4346
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4341
4347
 
4342
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4348
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4343
4349
 
4344
4350
  /*
4345
4351
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4719,7 +4725,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
4719
4725
  });
4720
4726
  }
4721
4727
 
4722
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4728
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4723
4729
  /*
4724
4730
  * Copyright (c) Microsoft Corporation. All rights reserved.
4725
4731
  * Licensed under the MIT License.
@@ -4731,7 +4737,7 @@ function isOpenIdConfigResponse(response) {
4731
4737
  response.hasOwnProperty("jwks_uri"));
4732
4738
  }
4733
4739
 
4734
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4740
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4735
4741
  /*
4736
4742
  * Copyright (c) Microsoft Corporation. All rights reserved.
4737
4743
  * Licensed under the MIT License.
@@ -4741,7 +4747,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4741
4747
  response.hasOwnProperty("metadata"));
4742
4748
  }
4743
4749
 
4744
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4750
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4745
4751
  /*
4746
4752
  * Copyright (c) Microsoft Corporation. All rights reserved.
4747
4753
  * Licensed under the MIT License.
@@ -4751,7 +4757,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
4751
4757
  response.hasOwnProperty("error_description"));
4752
4758
  }
4753
4759
 
4754
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4760
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4755
4761
  /*
4756
4762
  * Copyright (c) Microsoft Corporation. All rights reserved.
4757
4763
  * Licensed under the MIT License.
@@ -4847,7 +4853,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4847
4853
  };
4848
4854
  };
4849
4855
 
4850
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4856
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4851
4857
 
4852
4858
  /*
4853
4859
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4953,7 +4959,7 @@ RegionDiscovery.IMDS_OPTIONS = {
4953
4959
  },
4954
4960
  };
4955
4961
 
4956
- /*! @azure/msal-common v15.14.2 2026-02-10 */
4962
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
4957
4963
  /*
4958
4964
  * Copyright (c) Microsoft Corporation. All rights reserved.
4959
4965
  * Licensed under the MIT License.
@@ -5018,7 +5024,7 @@ function wasClockTurnedBack(cachedAt) {
5018
5024
  return cachedAtSec > nowSeconds();
5019
5025
  }
5020
5026
 
5021
- /*! @azure/msal-common v15.14.2 2026-02-10 */
5027
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
5022
5028
 
5023
5029
  /*
5024
5030
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5280,7 +5286,7 @@ function isAuthorityMetadataExpired(metadata) {
5280
5286
  return metadata.expiresAt <= nowSeconds();
5281
5287
  }
5282
5288
 
5283
- /*! @azure/msal-common v15.14.2 2026-02-10 */
5289
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
5284
5290
 
5285
5291
  /*
5286
5292
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6119,7 +6125,7 @@ function buildStaticAuthorityOptions(authOptions) {
6119
6125
  };
6120
6126
  }
6121
6127
 
6122
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6128
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6123
6129
 
6124
6130
  /*
6125
6131
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6150,7 +6156,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
6150
6156
  }
6151
6157
  }
6152
6158
 
6153
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6159
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6154
6160
 
6155
6161
  /*
6156
6162
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6169,7 +6175,7 @@ class ServerError extends AuthError {
6169
6175
  }
6170
6176
  }
6171
6177
 
6172
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6178
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6173
6179
  /*
6174
6180
  * Copyright (c) Microsoft Corporation. All rights reserved.
6175
6181
  * Licensed under the MIT License.
@@ -6190,7 +6196,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
6190
6196
  };
6191
6197
  }
6192
6198
 
6193
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6199
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6194
6200
 
6195
6201
  /*
6196
6202
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6277,7 +6283,7 @@ class ThrottlingUtils {
6277
6283
  }
6278
6284
  }
6279
6285
 
6280
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6286
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6281
6287
 
6282
6288
  /*
6283
6289
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6308,7 +6314,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
6308
6314
  return new NetworkError(error, httpStatus, responseHeaders);
6309
6315
  }
6310
6316
 
6311
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6317
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6312
6318
 
6313
6319
  /*
6314
6320
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6456,27 +6462,63 @@ class BaseClient {
6456
6462
  }
6457
6463
  }
6458
6464
 
6459
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6465
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6460
6466
  /*
6461
6467
  * Copyright (c) Microsoft Corporation. All rights reserved.
6462
6468
  * Licensed under the MIT License.
6463
6469
  */
6464
- // Codes defined by MSAL
6470
+ /**
6471
+ * MSAL-defined interaction required error code indicating no tokens are found in cache.
6472
+ * @public
6473
+ */
6465
6474
  const noTokensFound = "no_tokens_found";
6475
+ /**
6476
+ * MSAL-defined error code indicating a native account is unavailable on the platform.
6477
+ * @public
6478
+ */
6466
6479
  const nativeAccountUnavailable = "native_account_unavailable";
6480
+ /**
6481
+ * MSAL-defined error code indicating the refresh token has expired and user interaction is needed.
6482
+ * @public
6483
+ */
6467
6484
  const refreshTokenExpired = "refresh_token_expired";
6485
+ /**
6486
+ * MSAL-defined error code indicating UI/UX is not allowed (e.g., blocked by policy), requiring alternate interaction.
6487
+ * @public
6488
+ */
6468
6489
  const uxNotAllowed = "ux_not_allowed";
6469
- // Codes potentially returned by server
6490
+ /**
6491
+ * Server-originated error code indicating interaction is required to complete the request.
6492
+ * @public
6493
+ */
6470
6494
  const interactionRequired = "interaction_required";
6495
+ /**
6496
+ * Server-originated error code indicating user consent is required.
6497
+ * @public
6498
+ */
6471
6499
  const consentRequired = "consent_required";
6500
+ /**
6501
+ * Server-originated error code indicating user login is required.
6502
+ * @public
6503
+ */
6472
6504
  const loginRequired = "login_required";
6473
- const badToken = "bad_token";
6505
+ /**
6506
+ * Server-originated error code indicating the token is invalid or corrupted.
6507
+ * @public
6508
+ */
6509
+ const badToken = "bad_token";
6510
+ /**
6511
+ * Server-originated error code indicating the user was interrupted and must reattempt the flow.
6512
+ * @public
6513
+ */
6514
+ const interruptedUser = "interrupted_user";
6474
6515
 
6475
6516
  var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6476
6517
  __proto__: null,
6477
6518
  badToken: badToken,
6478
6519
  consentRequired: consentRequired,
6479
6520
  interactionRequired: interactionRequired,
6521
+ interruptedUser: interruptedUser,
6480
6522
  loginRequired: loginRequired,
6481
6523
  nativeAccountUnavailable: nativeAccountUnavailable,
6482
6524
  noTokensFound: noTokensFound,
@@ -6484,7 +6526,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6484
6526
  uxNotAllowed: uxNotAllowed
6485
6527
  });
6486
6528
 
6487
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6529
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6488
6530
 
6489
6531
  /*
6490
6532
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6499,6 +6541,7 @@ const InteractionRequiredServerErrorMessage = [
6499
6541
  loginRequired,
6500
6542
  badToken,
6501
6543
  uxNotAllowed,
6544
+ interruptedUser,
6502
6545
  ];
6503
6546
  const InteractionRequiredAuthSubErrorMessage = [
6504
6547
  "message_only",
@@ -6507,6 +6550,7 @@ const InteractionRequiredAuthSubErrorMessage = [
6507
6550
  "user_password_expired",
6508
6551
  "consent_required",
6509
6552
  "bad_token",
6553
+ "interrupted_user",
6510
6554
  ];
6511
6555
  const InteractionRequiredAuthErrorMessages = {
6512
6556
  [noTokensFound]: "No refresh token found in the cache. Please sign-in.",
@@ -6514,6 +6558,7 @@ const InteractionRequiredAuthErrorMessages = {
6514
6558
  [refreshTokenExpired]: "Refresh token has expired.",
6515
6559
  [badToken]: "Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve.",
6516
6560
  [uxNotAllowed]: "`canShowUI` flag in Edge was set to false. User interaction required on web page. Please invoke an interactive API to resolve.",
6561
+ [interruptedUser]: "The user could not be authenticated due to an interrupted state. Please invoke an interactive API to resolve.",
6517
6562
  };
6518
6563
  /**
6519
6564
  * Interaction required errors defined by the SDK
@@ -6532,6 +6577,10 @@ const InteractionRequiredAuthErrorMessage = {
6532
6577
  code: badToken,
6533
6578
  desc: InteractionRequiredAuthErrorMessages[badToken],
6534
6579
  },
6580
+ interrupted_user: {
6581
+ code: interruptedUser,
6582
+ desc: InteractionRequiredAuthErrorMessages[interruptedUser],
6583
+ },
6535
6584
  };
6536
6585
  /**
6537
6586
  * Error thrown when user interaction is required.
@@ -6574,7 +6623,7 @@ function createInteractionRequiredAuthError(errorCode) {
6574
6623
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6575
6624
  }
6576
6625
 
6577
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6626
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6578
6627
 
6579
6628
  /*
6580
6629
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6646,7 +6695,7 @@ class ProtocolUtils {
6646
6695
  }
6647
6696
  }
6648
6697
 
6649
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6698
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6650
6699
 
6651
6700
  /*
6652
6701
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6728,7 +6777,7 @@ class PopTokenGenerator {
6728
6777
  }
6729
6778
  }
6730
6779
 
6731
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6780
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6732
6781
  /*
6733
6782
  * Copyright (c) Microsoft Corporation. All rights reserved.
6734
6783
  * Licensed under the MIT License.
@@ -6755,7 +6804,7 @@ class PopTokenGenerator {
6755
6804
  }
6756
6805
  }
6757
6806
 
6758
- /*! @azure/msal-common v15.14.2 2026-02-10 */
6807
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
6759
6808
 
6760
6809
  /*
6761
6810
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7094,7 +7143,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
7094
7143
  return baseAccount;
7095
7144
  }
7096
7145
 
7097
- /*! @azure/msal-common v15.14.2 2026-02-10 */
7146
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7098
7147
  /*
7099
7148
  * Copyright (c) Microsoft Corporation. All rights reserved.
7100
7149
  * Licensed under the MIT License.
@@ -7112,7 +7161,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
7112
7161
  }
7113
7162
  }
7114
7163
 
7115
- /*! @azure/msal-common v15.14.2 2026-02-10 */
7164
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7116
7165
 
7117
7166
  /*
7118
7167
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7348,7 +7397,7 @@ class AuthorizationCodeClient extends BaseClient {
7348
7397
  }
7349
7398
  }
7350
7399
 
7351
- /*! @azure/msal-common v15.14.2 2026-02-10 */
7400
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7352
7401
 
7353
7402
  /*
7354
7403
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7560,7 +7609,7 @@ class RefreshTokenClient extends BaseClient {
7560
7609
  }
7561
7610
  }
7562
7611
 
7563
- /*! @azure/msal-common v15.14.2 2026-02-10 */
7612
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7564
7613
 
7565
7614
  /*
7566
7615
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7658,7 +7707,7 @@ class SilentFlowClient extends BaseClient {
7658
7707
  }
7659
7708
  }
7660
7709
 
7661
- /*! @azure/msal-common v15.14.2 2026-02-10 */
7710
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7662
7711
 
7663
7712
  /*
7664
7713
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7673,7 +7722,7 @@ const StubbedNetworkModule = {
7673
7722
  },
7674
7723
  };
7675
7724
 
7676
- /*! @azure/msal-common v15.14.2 2026-02-10 */
7725
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7677
7726
 
7678
7727
  /*
7679
7728
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7897,7 +7946,7 @@ function extractLoginHint(account) {
7897
7946
  return account.loginHint || account.idTokenClaims?.login_hint || null;
7898
7947
  }
7899
7948
 
7900
- /*! @azure/msal-common v15.14.2 2026-02-10 */
7949
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7901
7950
 
7902
7951
  /*
7903
7952
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7955,7 +8004,7 @@ class AuthenticationHeaderParser {
7955
8004
  }
7956
8005
  }
7957
8006
 
7958
- /*! @azure/msal-common v15.14.2 2026-02-10 */
8007
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
7959
8008
 
7960
8009
  /*
7961
8010
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8218,7 +8267,7 @@ class ServerTelemetryManager {
8218
8267
  }
8219
8268
  }
8220
8269
 
8221
- /*! @azure/msal-common v15.14.2 2026-02-10 */
8270
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
8222
8271
  /*
8223
8272
  * Copyright (c) Microsoft Corporation. All rights reserved.
8224
8273
  * Licensed under the MIT License.
@@ -8226,7 +8275,7 @@ class ServerTelemetryManager {
8226
8275
  const missingKidError = "missing_kid_error";
8227
8276
  const missingAlgError = "missing_alg_error";
8228
8277
 
8229
- /*! @azure/msal-common v15.14.2 2026-02-10 */
8278
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
8230
8279
 
8231
8280
  /*
8232
8281
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8251,7 +8300,7 @@ function createJoseHeaderError(code) {
8251
8300
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8252
8301
  }
8253
8302
 
8254
- /*! @azure/msal-common v15.14.2 2026-02-10 */
8303
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
8255
8304
 
8256
8305
  /*
8257
8306
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8291,7 +8340,7 @@ class JoseHeader {
8291
8340
  }
8292
8341
  }
8293
8342
 
8294
- /*! @azure/msal-common v15.14.2 2026-02-10 */
8343
+ /*! @azure/msal-common v15.15.0 2026-02-23 */
8295
8344
 
8296
8345
  /*
8297
8346
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10344,6 +10393,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10344
10393
  supportsNestedAppAuth: false,
10345
10394
  instanceAware: false,
10346
10395
  encodeExtraQueryParams: false,
10396
+ verifySSO: false,
10347
10397
  };
10348
10398
  // Default cache options for browser
10349
10399
  const DEFAULT_CACHE_OPTIONS = {
@@ -10432,7 +10482,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10432
10482
 
10433
10483
  /* eslint-disable header/header */
10434
10484
  const name = "@azure/msal-browser";
10435
- const version = "4.28.2";
10485
+ const version = "4.29.0";
10436
10486
 
10437
10487
  /*
10438
10488
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -16817,6 +16867,52 @@ class SilentIframeClient extends StandardInteractionClient {
16817
16867
  return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(silentRequest, serverParams, this.apiId, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
16818
16868
  }
16819
16869
  }
16870
+ /**
16871
+ * Verifies SSO capability by making an iframe request to /authorize without exchanging the code for tokens.
16872
+ * This is useful for verifying SSO capability in the background without the overhead of a full token exchange.
16873
+ * @param request - The SSO silent request
16874
+ * @returns true if SSO verification was successful with a valid authorization code, false otherwise
16875
+ */
16876
+ async verifySso(request) {
16877
+ this.performanceClient.addQueueMeasurement(PerformanceEvents.SilentIframeClientAcquireToken, request.correlationId);
16878
+ const inputRequest = { ...request };
16879
+ if (!inputRequest.prompt) {
16880
+ inputRequest.prompt = PromptValue.NONE;
16881
+ }
16882
+ // Create silent request
16883
+ const silentRequest = await invokeAsync(this.initializeAuthorizationRequest.bind(this), PerformanceEvents.StandardInteractionClientInitializeAuthorizationRequest, this.logger, this.performanceClient, request.correlationId)(inputRequest, exports.InteractionType.Silent);
16884
+ const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, request.correlationId)({
16885
+ serverTelemetryManager: this.initializeServerTelemetryManager(this.apiId),
16886
+ requestAuthority: silentRequest.authority,
16887
+ requestAzureCloudOptions: silentRequest.azureCloudOptions,
16888
+ requestExtraQueryParameters: silentRequest.extraQueryParameters,
16889
+ account: silentRequest.account,
16890
+ });
16891
+ const correlationId = silentRequest.correlationId;
16892
+ const pkceCodes = await invokeAsync(generatePkceCodes, PerformanceEvents.GeneratePkceCodes, this.logger, this.performanceClient, correlationId)(this.performanceClient, this.logger, correlationId);
16893
+ const requestWithPkce = {
16894
+ ...silentRequest,
16895
+ codeChallenge: pkceCodes.challenge,
16896
+ };
16897
+ // Create authorize request url
16898
+ const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, requestWithPkce, this.logger, this.performanceClient);
16899
+ // Get the frame handle for the silent request - this triggers the SSO verification
16900
+ const msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
16901
+ const responseType = this.config.auth.OIDCOptions.serverResponseType;
16902
+ // Monitor the iframe for the response
16903
+ const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
16904
+ // Deserialize the response
16905
+ const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, correlationId)(responseString, responseType, this.logger);
16906
+ // Validate the response - this checks for errors and validates state
16907
+ validateAuthorizationResponse(serverParams, silentRequest.state);
16908
+ // Verify a valid authorization code is present
16909
+ if (!serverParams.code) {
16910
+ this.logger.warning("SSO verification response did not contain an authorization code", correlationId);
16911
+ return false;
16912
+ }
16913
+ this.logger.verbose("SSO verification completed successfully with valid authorization code - skipped token exchange", correlationId);
16914
+ return true;
16915
+ }
16820
16916
  /**
16821
16917
  * Currently Unsupported
16822
16918
  */
@@ -17467,6 +17563,8 @@ class StandardController {
17467
17563
  rootMeasurement.end({
17468
17564
  success: true,
17469
17565
  }, undefined, result.account);
17566
+ // Fire-and-forget SSO capability verification in background
17567
+ this.verifySsoCapability(result.account, exports.InteractionType.Redirect);
17470
17568
  }
17471
17569
  else {
17472
17570
  /*
@@ -17699,6 +17797,8 @@ class StandardController {
17699
17797
  accessTokenSize: result.accessToken.length,
17700
17798
  idTokenSize: result.idToken.length,
17701
17799
  }, undefined, result.account);
17800
+ // SSO capability verification in background
17801
+ this.verifySsoCapability(result.account, exports.InteractionType.Popup);
17702
17802
  return result;
17703
17803
  })
17704
17804
  .catch((e) => {
@@ -17732,6 +17832,53 @@ class StandardController {
17732
17832
  visibilityChangeCount: 1,
17733
17833
  });
17734
17834
  }
17835
+ /**
17836
+ * SSO capability verification in the background.
17837
+ * This method makes an iframe request to /authorize to verify SSO capability without calling /token.
17838
+ * This method does not block the caller and tracks telemetry for success/failure.
17839
+ * This method only executes if verifySSO is set to true in the auth configuration.
17840
+ * @param account - The account to use for the SSO verification
17841
+ * @param parentApi - The API ID of the parent operation for logging purposes
17842
+ */
17843
+ verifySsoCapability(account, parentApi) {
17844
+ // Check if SSO capability verification is enabled
17845
+ if (!this.config.auth.verifySSO) {
17846
+ return;
17847
+ }
17848
+ const correlationId = this.browserCrypto.createNewGuid();
17849
+ const ssoCapableMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.SsoCapable, correlationId);
17850
+ ssoCapableMeasurement.add({
17851
+ parentApi: parentApi,
17852
+ });
17853
+ this.logger.verbose(`SSO capability verification initiated after ${parentApi}`, correlationId);
17854
+ /*
17855
+ * Use setTimeout to ensure this runs in a separate macrotask after the current call stack completes
17856
+ * This ensures the result is returned to the caller before the SSO verification starts and doesn't affect performance
17857
+ */
17858
+ setTimeout(() => {
17859
+ const ssoVerificationRequest = {
17860
+ account: account,
17861
+ correlationId: correlationId,
17862
+ };
17863
+ const silentIframeClient = this.createSilentIframeClient(correlationId);
17864
+ silentIframeClient
17865
+ .verifySso(ssoVerificationRequest)
17866
+ .then((success) => {
17867
+ this.logger.verbose(`SSO capability verification completed after ${parentApi}, success: ${success}`, correlationId);
17868
+ ssoCapableMeasurement.end({
17869
+ fromCache: false,
17870
+ success: success,
17871
+ }, undefined, account);
17872
+ })
17873
+ .catch((error) => {
17874
+ this.logger.warning(`SSO capability verification failed after ${parentApi}: ${error.message}`, correlationId);
17875
+ ssoCapableMeasurement.end({
17876
+ fromCache: false,
17877
+ success: false,
17878
+ }, error, account);
17879
+ });
17880
+ }, 0);
17881
+ }
17735
17882
  // #endregion
17736
17883
  // #region Silent Flow
17737
17884
  /**
@@ -18497,6 +18644,10 @@ class StandardController {
18497
18644
  const result = this.acquireTokenSilentNoIframe(silentRequest, cacheLookupPolicy).catch(async (refreshTokenError) => {
18498
18645
  const shouldTryToResolveSilently = checkIfRefreshTokenErrorCanBeResolvedSilently(refreshTokenError, cacheLookupPolicy);
18499
18646
  if (shouldTryToResolveSilently) {
18647
+ const silentRefreshReason = `${refreshTokenError.errorCode}${refreshTokenError.subError
18648
+ ? `|${refreshTokenError.subError}`
18649
+ : ""}`;
18650
+ this.performanceClient.addFields({ silentRefreshReason }, silentRequest.correlationId);
18500
18651
  if (!this.activeIframeRequest) {
18501
18652
  let _resolve;
18502
18653
  // Always set the active request tracker immediately after checking it to prevent races