Move auth error messages out of the bundle #7744

konstantin-msft · 2025-05-12T14:46:31Z

Move auth error messages out of the bundle

lib/msal-common/src/error/AuthError.ts

tnorling

I'd also like to see some sort of CI validation that a message actually exists in the doc for all error codes. I'm happy to treat that as its own separate work item, however, just calling it out as a requirement to call this work complete.

konstantin-msft · 2025-05-20T21:28:49Z

I'd also like to see some sort of CI validation that a message actually exists in the doc for all error codes. I'm happy to treat that as its own separate work item, however, just calling it out as a requirement to call this work complete.

Will address this in a follow-up PR

-->

docs/errors.md

lib/msal-browser/src/error/BrowserAuthError.ts

jo-arroyo

Hi, I know this is merged already, but I noticed some potentially broken links that may need to be addressed in a separate PR, and there are some other suggestions that you can choose to take or not.

jo-arroyo · 2025-05-21T17:50:45Z

docs/errors.md


-**[Other](#other)**
+This error occurs when MSAL.js surpasses the allotted storage limit when attempting to save token information in the [configured cache storage](./caching.md#cache-storage). See [here](https://developer.mozilla.org/en-US/docs/Web/API/Storage_API/Storage_quotas_and_eviction_criteria#web_storage) for web storage limits.


The link to the caching doc may need to be changed now that this doc has been moved out of msal-browser

jo-arroyo · 2025-05-21T17:51:02Z

docs/errors.md

+
+**Mitigation**:
+
+1. Make sure the configured cache storage has enough capacity to allow MSAL.js to persist token payload. The amount of cache storage required depends on the number of [cached artifacts](./caching.md#cached-artifacts).


Same here for caching doc

jo-arroyo · 2025-05-21T17:51:13Z

docs/errors.md

+**Mitigation**:
+
+1. Make sure the configured cache storage has enough capacity to allow MSAL.js to persist token payload. The amount of cache storage required depends on the number of [cached artifacts](./caching.md#cached-artifacts).
+2. Disable [claimsBasedCachingEnabled](./configuration.md#cache-config-options) cache config option. When enabled, it caches access tokens under a key containing the hash of the requested claims. Depending on the MSAL.js API usage, it may result in the vast number of access tokens persisted in the cache storage.


Same here for configuration doc

jo-arroyo · 2025-05-21T17:52:25Z

docs/errors.md

+- Nonce mismatch error.
+
+### `auth_time_not_found`
+- Max Age was requested and the ID token is missing the auth_time variable auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information.


Suggested change

- Max Age was requested and the ID token is missing the auth_time variable auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information.

- Max Age was requested and the ID token is missing the auth_time variable. auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information.

jo-arroyo · 2025-05-21T17:53:54Z

docs/errors.md

+- The provided authority does not support logout.
+
+### `key_id_missing`
+- A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.


Suggested change

- A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.

- A keyId value is missing from the requested bound token's cache record and is required to match the token to its stored binding key.

jo-arroyo · 2025-05-21T18:10:12Z

lib/msal-browser/test/interaction_client/PopupClient.spec.ts

@@ -66,7 +65,7 @@ import * as BrowserUtils from "../../src/utils/BrowserUtils.js";
 import { FetchClient } from "../../src/network/FetchClient.js";
 import { TestTimeUtils } from "msal-test-utils";
 import { PopupRequest } from "../../src/request/PopupRequest.js";
-import { emptyNavigateUri } from "../../src/error/BrowserAuthErrorCodes.js";
+import { getDefaultErrorMessage } from "../../src/error/BrowserAuthError.js";


Can this be combined with the import on line 59 above?

jo-arroyo · 2025-05-21T18:10:38Z

lib/msal-browser/test/interaction_client/RedirectClient.spec.ts

@@ -89,6 +88,7 @@ import {
    TestTimeUtils,
 } from "msal-test-utils";
 import { BrowserPerformanceClient } from "../../src/telemetry/BrowserPerformanceClient.js";
+import { getDefaultErrorMessage } from "../../src/error/BrowserAuthError.js";


Can this be combined with the import on line 69 above?

jo-arroyo · 2025-05-21T18:11:42Z

lib/msal-browser/test/interaction_client/SilentIframeClient.spec.ts

 import { SsoSilentRequest } from "../../src/index.js";
+import { getDefaultErrorMessage } from "../../src/error/BrowserAuthError.js";


Same with import here

jo-arroyo · 2025-05-21T18:13:19Z

lib/msal-common/test/error/ClientAuthError.spec.ts

    createClientAuthError,
 } from "../../src/error/ClientAuthError";
 import { AuthError } from "../../src/error/AuthError";
+import { getDefaultErrorMessage } from "../../src/error/AuthError.js";


Combine with line above?

jo-arroyo · 2025-05-21T18:15:54Z

lib/msal-common/test/error/JoseHeaderError.spec.ts

    createJoseHeaderError,
 } from "../../src/error/JoseHeaderError";
 import { AuthError } from "../../src/error/AuthError";
+import { getDefaultErrorMessage } from "../../src/error/AuthError.js";


Combine with above line

github-actions bot added documentation Related to documentation. msal-node Related to msal-node package msal-browser Related to msal-browser package msal-common Related to msal-common package labels May 12, 2025

konstantin-msft marked this pull request as ready for review May 13, 2025 18:29

konstantin-msft requested review from sameerag, tnorling, hectormmg, peterzenz, a team, jo-arroyo, Robbie-Microsoft, lalimasharda and shylasummers as code owners May 13, 2025 18:29

tnorling reviewed May 14, 2025

View reviewed changes

lib/msal-common/src/error/AuthError.ts Outdated Show resolved Hide resolved

tnorling previously approved these changes May 14, 2025

View reviewed changes

konstantin-msft added 6 commits May 20, 2025 16:08

- Move auth error messages out of the bundle

1240f9b

- Fix formatting.

8019533

8000 Change files

4b3f903

- Update tests.

f7599da

- Update API docs

ec795d1

- Rebase onto latest

1df8a91

konstantin-msft dismissed tnorling’s stale review via 1df8a91 May 20, 2025 21:18

konstantin-msft force-pushed the move_error_message_to_markdown branch from 1e6185a to 1df8a91 Compare May 20, 2025 21:18

konstantin-msft requested a review from bgavrilMS as a code owner May 20, 2025 21:18

- Update API docs.

6a586fc

tnorling reviewed May 20, 2025

View reviewed changes

docs/errors.md Outdated Show resolved Hide resolved

tnorling previously approved these changes May 20, 2025

View reviewed changes

tnorling reviewed May 20, 2025

View reviewed changes

lib/msal-browser/src/error/BrowserAuthError.ts Show resolved Hide resolved

konstantin-msft enabled auto-merge (rebase) May 20, 2025 22:03

- Update error doc.

ec49a14

konstantin-msft dismissed tnorling’s stale review via ec49a14 May 21, 2025 14:48

tnorling approved these changes May 21, 2025

View reviewed changes

lalimasharda approved these changes May 21, 2025

View reviewed changes

konstantin-msft merged commit 71336db into msal-v5 May 21, 2025
8 checks passed

konstantin-msft deleted the move_error_message_to_markdown branch May 21, 2025 18:13

jo-arroyo reviewed May 21, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Move auth error messages out of the bundle #7744

Move auth error messages out of the bundle #7744


		[Other](#other)
		This error occurs when MSAL.js surpasses the allotted storage limit when attempting to save token information in the [configured cache storage](./caching.md#cache-storage). See [here](https://developer.mozilla.org/en-US/docs/Web/API/Storage_API/Storage_quotas_and_eviction_criteria#web_storage) for web storage limits.


		Mitigation:

		1. Make sure the configured cache storage has enough capacity to allow MSAL.js to persist token payload. The amount of cache storage required depends on the number of [cached artifacts](./caching.md#cached-artifacts).

	- Max Age was requested and the ID token is missing the auth_time variable auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information.
	- Max Age was requested and the ID token is missing the auth_time variable. auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information.

	- A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.
	- A keyId value is missing from the requested bound token's cache record and is required to match the token to its stored binding key.

		import { SsoSilentRequest } from "../../src/index.js";
		import { getDefaultErrorMessage } from "../../src/error/BrowserAuthError.js";

Move auth error messages out of the bundle #7744

Move auth error messages out of the bundle #7744

Conversation

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment