Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Some AAD exceptions should marked as retry-able by the library #3649

Open
bgavrilMS opened this issue Sep 1, 2022 · 2 comments
Open

[Feature Request] Some AAD exceptions should marked as retry-able by the library #3649

bgavrilMS opened this issue Sep 1, 2022 · 2 comments
Labels
Feature Request Supportability

Comments

@bgavrilMS
Copy link
Member

bgavrilMS commented Sep 1, 2022
edited
Loading

See https://portal.microsofticm.com/imp/v3/incidents/details/331258498/home for details

A multi-tenant service acquires tokens for users / service principals from various other tenants. The state of these tenants can be "bad", for example the tenant could have been deleted, disabled by its owner, disabled by AAD etc.

Example:

AADSTS5000224: We are sorry, this resource is not available. If you are seeing this message by mistake, please contact ...

Solution wanted:

There should be some sort of exception classification and guidance for app developers on how to handle these errors. At the very least, the rerty-able aspect should be shown.

Some errors are retry-able, e.g. "a cert update is in progress".

Related issue: #3648
@pmaytak
Copy link
Contributor

pmaytak commented Sep 1, 2022

There should be some sort of exception classification and guidance for app developers on how to handle these errors.

I think this ^ is covered under second point in #3561. Although a separate issue would be good too.

At the very least, the rerty-able aspect should be shown.

And this issue should be specifically for this ^ (since it's not just multi-tenant apps). [Feature Request] Expose IsRetryable in MsalServiceException based on error from AAD

@gladjohn gladjohn added this to the 4.48.0 milestone Sep 16, 2022
@bgavrilMS bgavrilMS changed the title [Feature Request] Bad dev ex for multi-tenant apps when encountering tenant exceptions [Feature Request] Some AAD exceptions should marked as retry-able by the library Oct 5, 2022
@pmaytak pmaytak removed this from the 4.48.0 milestone Nov 2, 2022
@rayluo
Copy link
Contributor

rayluo commented Mar 28, 2024
edited
Loading

I ran into similar issues, and searching the error number brought me to this issue. The proposal above makes sense, but to clarify, the two examples in the description were in different categories, weren't they?

See https://portal.microsofticm.com/imp/v3/incidents/details/331258498/home for details

A multi-tenant service acquires tokens for users / service principals from various other tenants. The state of these tenants can be "bad", for example the tenant could have been deleted, disabled by its owner, disabled by AAD etc.

Example:

AADSTS5000224: We are sorry, this resource is not available. If you are seeing this message by mistake, please contact ...

That one, as concluded by the quoted ICM, should not retry.

Solution wanted:

There should be some sort of exception classification and guidance for app developers on how to handle these errors. At the very least, the rerty-able aspect should be shown.

Some errors are retry-able, e.g. "a cert update is in progress".

This kind of "... in progress" can be retried.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Feature Request Supportability
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rayluo @bgavrilMS @pmaytak @gladjohn