Azure AD JWT Expired

I’m using the azureActiveDirectory auth provider in my Redwood app. An hour (3600 seconds) after starting the app locally, the JWT expires and I get an error in my terminal:

graphql-server Error building context. Error: Exception in getAuthenticationContext: jwt expired

Reloading the page doesn’t help immediately, but it seems like after 5 minutes or so the token eventually refreshes.

As I understand it, getToken() should automatically refresh the token with MSAL’s acquireTokenSilent.

I assume GraphQL api calls from Cells call getToken(), since an authorization header is included in those requests, so I don’t understand why the token would expire.

Any help would be greatly appreciated!

1 Like

Just wanted to +1 this as we’re experiencing the same thing.

It also appears that jwt expired does not trigger requireAuth(), so it is difficult to test for an AuthenticationError and handle it (RedwoodJS masks the error as the generic “Something went wrong”).

Were you able to figure this out? Trying to decide if this is an MSAL issue or a Redwood issue or something with our application.

We are seeing the same behavior. Only in local development.

Most of the time it disappears on the second try. One workaround if it does not go away was changing the time of the local machine to an hour in the future and back.

It seems to be a timing issue.

@jeliasson Just wanted to get your eyes on this. Any idea what might be going on?

@Tobbe Unfortunately not. I had the same issue a couple of times when I did local development, and a handful of reports from end-users, but could not properly pin-point why and how this happened. I guess there is something in the logic that is missing.

Could you be able to have a look on it, in preparation for v4?