-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable enforce Policy. AUTHORIZATION_NEEDED Error is thrown #243
Comments
I am looking into this |
@rassackak - could you please share the package name |
package name is com.morohub.smartoffice. Update: |
@rassackak The error com.microsoft.identity.client.exception.MsalUiRequiredException: no account found for ad9fe314-1e14-4161-b118-7b2f00503ed7 indicates that the Microsoft Authentication Library (MSAL) could not find an account with the specified ID. This exception typically occurs when a silent token acquisition attempt is made, but no account is found in the token cache that matches the provided account ID. Here are some key points from the stack trace: MSALUtil.acquireTokenSilentSync: The error occurs in the acquireTokenSilentSync method of the MSALUtil class. This method attempts to acquire a token silently (without user interaction) using the cached account information. To resolve this issue, you can take the following steps: Ensure that the account with the specified ID (ad9fe314-1e14-4161-b118-7b2f00503ed7) is present in the token cache. If the account is not found, you may need to prompt the user to sign in again to add the account to the cache i.e. If the silent token acquisition fails, you can fall back to an interactive token acquisition method. This will prompt the user to sign in and obtain a new token. |
@kanishkaBagga I have tried the same user with (ID ad9fe314-1e14-4161-b118-7b2f00503ed7) in a different device. And it is working fine. I'm getting the token and MAM Policy is applied successfully. But, as I mentioned earlier, I'm unable to login another user in the same device. I'm using a account_mode= SINGLE as my app requires only once user to be logged In at a time. I'm calling the signout method provided. Still I'm unable to login to a different account in the same device. |
@rassackak - is this issue specific to this user on all devices? |
@kanishkaBagga It is not specific to a user. It happens when a user try to login to a device where another user is logged in and applied the MAM policies. As I mentioned earlier, it works when we try to login for the first. Also it works when I go to device settings and delete the account added to accounts section. |
Intune Android App SDK Policy Enforcement Issue
Questions to Ask Before Submission
Summary
I'm Followed all the steps from the document. After MSAL acquireToken call I' getting MsalIntuneAppProtectionPolicyRequiredException. But after calling remediateCompliance(), I'm getting AUTHORIZATION_NEEDED in MAMEnrollmentNotification.
In tried with the sample application as well. But, Same issue happens
###Logs
com.microsoft.identity.client.exception.MsalUiRequiredException: no account found for ad9fe314-1e14-4161-b118-7b2f00503ed7
at com.microsoft.intune.samples.taskr.authentication.MSALUtil.acquireTokenSilentSync(MSALUtil.java:148)
at com.microsoft.intune.samples.taskr.authentication.AuthenticationCallback.acquireToken(AuthenticationCallback.java:38)
at java.lang.reflect.Method.invoke(Native Method)
at o.forCodedOutput$cancelAll.invoke(:84)
at java.lang.reflect.Proxy.invoke(Proxy.java:1006)
at $Proxy13.acquireToken(Unknown Source)
at com.microsoft.intune.mam.policy.AbstractEnrollmentManager$1.acquireToken(:93)
at com.microsoft.intune.mam.policy.AbstractEnrollmentManager$2.acquireToken(:109)
at com.microsoft.intune.mam.policy.MAMEnrollmentManagerImpl$StrictAuthenticationCallbackWrapper.acquireToken(:221)
at com.microsoft.intune.mam.client.app.AuthCallbackUtils.acquireMAMServiceToken(:48)
at com.microsoft.intune.mam.client.ipcclient.OnlineAuthCallbackUtils.acquireMAMServiceTokenWithTelemetry(:56)
at com.microsoft.intune.mam.policy.MAMEnrollmentManagerImpl.lambda$attemptMamEnrollment$2(:770)
at com.microsoft.intune.mam.policy.MAMEnrollmentManagerImpl.$r8$lambda$WM6rw15dJ2GWTLxdrifJqhGCseM(:0)
at com.microsoft.intune.mam.policy.MAMEnrollmentManagerImpl$$ExternalSyntheticLambda3.run(:0)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:644)
at java.lang.Thread.run(Thread.java:1012)
Company Portal Logs
Incident ID: 3GBNS2JX
The text was updated successfully, but these errors were encountered: