[Bug] Version 4.61.3 seems to bring about very significant increases in token endpoint and metadata request volumes #4855

Open
sgryt opened this issue Jul 23, 2024 · 0 comments
Labels
confidential-client needs attention Delete label after triage untriaged Do not delete. Needed for Automation

sgryt commented Jul 23, 2024

Library version used

4.61.3

.NET version

Various

Scenario

ConfidentialClient - web site (AcquireTokenByAuthCode)

Is this a new or an existing app?

The app is in production, and I have upgraded to a new version of MSAL

Issue description and reproduction steps

This report is being created on behalf of a number of customers of our service, all exhibiting the same change in traffic volume behavior towards our service.

On June 11/12, the request volume towards our service (which is an OpenID Provider) token and OIDC metadata endpoints increased dramatically overnight. Dialog with customers indicates that they bumped the Microsoft.Identity.Client library from version 4.60.3 to 4.61.3 at that time.

The increase in volume is about 3 orders of magnitude (1000x).

I don't have much more detail to reveal at the moment (we do not have access to the codebases of our customers, so I cannot inspect their specific setup/middleware configuration).

Please advise on how to proceed? We would very much like to be able to guide our customers on how to reestablish the previous traffic patterns.

Relevant code snippets

No response

Expected behavior

A reasonable ratio between successful authorize requests and subsequent token exchange requests.

Identity provider

Other

Regression

No response

Solution and workarounds

No response
