[Feature Request] Add an enum that indicates the source of a token - cache, IdP or broker. #1728
Comments
|
@bgavrilMS : would we want it to be a public property? |
|
Yes, this would benefit our customers in Web Api / Web Api and Daemon scenarios at scale. Some of hte issues they are facing are described below. This improvement hope to address problem 4. Problem 1: if a customer brings online a large number of machines at once (e.g. during a big scale up), then each of these machines will go to AAD to fetch a token, even though the token is identical Problem 2: It takes a few seconds to acquire a token from AAD (mostly network I/O). If during these few seconds other machines require the token, they would go to AAD to get it. Especially problematic if AAD is under high load. Problem 4: You do not have a mechanism to monitor and alarm for when MSAL fails to hit the token cache. |
|
Docs and samples should be updated to showcase usage of this. Similar to logging to be on by default. |
|
I would like to get this in sooner rather than later. I see a pattern among our customers to create new CCA objects for each call, and to not use any cache serialisation. If we had this flag, we could guide customers to writing integration tests / monitoring to check that they don't hit AAD on every request. |
|
LGTM., @bgavrilMS. |
bgavrilMS
changed the title
bgavrilMS
changed the title
|
Fixed in MSAL 4.17.0 release |
Is your feature request related to a problem? Please describe.
Services need to monitor and alarm around cache hits, including the token cache.
Describe the solution you'd like
AuthenticationResult.TokenSourceDescribe alternatives you've considered
Logs and ExpiresOn property can also be used but logs require lots of post-processing and ExpiresOn cannot be used reliably.
The text was updated successfully, but these errors were encountered: