Skip to content

Background Session Refresh #8252

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
sameerag wants to merge 17 commits into
base: dev
Choose a base branch
from
Open

Background Session Refresh #8252

sameerag wants to merge 17 commits into from
+1,019 −51

Conversation

@sameerag
Copy link
Member

@sameerag sameerag commented Jan 19, 2026
edited
Loading

This PR adds a background session refresh that automatically refreshes tokens after successful interactive authentication. When enabled via the new enableBackgroundSSO configuration option, MSAL will fire a fire-and-forget bkdgRefresh call after handleRedirectPromise and acquireTokenPopup complete successfully.

Changes:

  • Added new enableBackgroundSSO configuration option (defaults to false)
  • Implemented fire-and-forget background refresh call after interactive authentication
  • Added comprehensive telemetry tracking with new BackgroundSsoSilent performance event

@sameerag sameerag requested a review from a team as a code owner January 19, 2026 06:02
Copilot AI review requested due to automatic review settings January 19, 2026 06:02
@sameerag
Copy link
Member Author

sameerag commented Jan 19, 2026

@copilot add PR description

Copilot AI mentioned this pull request Jan 19, 2026
Merged
Copy link
Contributor

Copilot AI commented Jan 19, 2026

@sameerag I've opened a new pull request, #8253, to work on those changes. Once the pull request is ready, I'll request review from you.

Copilot AI reviewed Jan 19, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a background SSO feature that automatically refreshes tokens after successful interactive authentication. When enabled via the new enableBackgroundSSO configuration option, MSAL will fire a fire-and-forget ssoSilent call after handleRedirectPromise and acquireTokenPopup complete successfully.

Changes:

  • Added new enableBackgroundSSO configuration option (defaults to false)
  • Implemented fire-and-forget background ssoSilent calls after interactive authentication
  • Added comprehensive telemetry tracking with new BackgroundSsoSilent performance event

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 6 comments.

Show a summary per file
File Description
lib/msal-common/src/telemetry/performance/PerformanceEvent.ts Added BackgroundSsoSilent performance event and telemetry abbreviation for tracking background SSO calls
lib/msal-browser/src/config/Configuration.ts Added enableBackgroundSSO configuration option to BrowserAuthOptions with default value of false
lib/msal-browser/src/controllers/StandardController.ts Implemented bkgdSsoSilent method using setTimeout for non-blocking execution, integrated into handleRedirectPromise and acquireTokenPopup flows
lib/msal-browser/test/app/PublicClientApplication.spec.ts Added comprehensive test coverage for background SSO in both success and failure scenarios, feature flag validation, and fire-and-forget behavior verification
change/@azure-msal-common-461989e8-10b5-48f1-91dd-836248c3fce6.json Beachball change file for msal-common package
change/@azure-msal-browser-440d27b3-88ff-459d-883e-a675b66d7976.json Beachball change file for msal-browser package

sameerag and others added 5 commits January 18, 2026 22:11
@sameerag
Update change/@azure-msal-common-461989e8-10b5-48f1-91dd-836248c3fce6…
eb8df76 
….json

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@sameerag
Update change/@azure-msal-browser-440d27b3-88ff-459d-883e-a675b66d797…
ef600d9 
…6.json

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Background SSO calls (#8253)
fa1c809 
Adds fire-and-forget `ssoSilent` calls after interactive authentication
(`acquireTokenPopup`, `handleRedirectPromise`) to proactively refresh
tokens in the background.

## Changes

- **Configuration**: Added `enableBackgroundSSO` boolean to
`BrowserAuthOptions` (default: `false`)
- **Implementation**: `bkgdSsoSilent()` method uses `setTimeout` to
defer SSO call until after interactive result returns, preventing
blocking
- **Telemetry**: New `BackgroundSsoSilent` performance event tracks
parent API, success/failure, and token sizes

## Usage

```typescript
const msalConfig = {
    auth: {
        clientId: "your-client-id",
        authority: "https://login.microsoftonline.com/common",
        enableBackgroundSSO: true  // Enable background token refresh
    }
};

const msalInstance = new PublicClientApplication(msalConfig);

// After popup or redirect completes, background ssoSilent fires automatically
const result = await msalInstance.acquireTokenPopup(request);
// Background SSO initiated - tokens refreshed silently without blocking return
```

Background calls fail silently with warning logs - they don't affect the
main authentication flow.

<!-- START COPILOT CODING AGENT TIPS -->
---

💬 We'd love your input! Share your thoughts on Copilot coding agent in
our [2 minute survey](https://gh.io/copilot-coding-agent-survey).

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
@sameerag
Update lib/msal-browser/src/controllers/StandardController.ts
b0eac1a 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@sameerag
Update lib/msal-browser/src/config/Configuration.ts
4565ab7 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
sameerag
sameerag commented Jan 19, 2026
View reviewed changes
sameerag
sameerag commented Jan 19, 2026
View reviewed changes
@sameerag sameerag changed the title Background SSO calls Background Session Refresh calls Jan 19, 2026
@sameerag sameerag changed the title Background Session Refresh calls Background Session Refresh Jan 19, 2026
sameerag
sameerag commented Jan 20, 2026
View reviewed changes
sameerag
sameerag commented Jan 20, 2026
View reviewed changes
sameerag
sameerag commented Jan 20, 2026
View reviewed changes
lib/msal-browser/src/interaction_client/SilentIframeClient.ts
*/
async refreshSession(request: SsoSilentRequest): Promise<boolean> {
this.performanceClient.addQueueMeasurement(
PerformanceEvents.SilentIframeClientAcquireToken,
Copy link
Member Author

@sameerag sameerag Jan 20, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a need to make this synthentic, to not interfere in regular telemetry? If this is only for observability, may be we are okay? Confirm this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sameerag