Skip to content

[Bug] PoP auth on macOS gives ServerNonceInvalidSignature error from Graph endpoint #761

New issue
New issue
Open
Open
[Bug] PoP auth on macOS gives ServerNonceInvalidSignature error from Graph endpoint#761
Assignees
fengga
Labels
public-client
@pvaneck

Description

@pvaneck
pvaneck
opened on Oct 23, 2024

Describe the bug

Running the following script works on Windows with WAM, but not on macOS with Company Portal:

https://gist.github.com/pvaneck/d304306a303c8d6ad8ccac52d995f4a8

Instead, on macOS, the request with the PoP token yields a 401 response with the following error:

{"error":{"code":"InvalidAuthenticationToken","message":"ServerNonceInvalidSignature","innerError":{"date":"2024-10-23T01:24:12","request-id":"488ed87e-30cb-466f-85a1-f898e60351e1","client-request-id":"488ed87e-30cb-466f-85a1-f898e60351e1"}}}

Any ideas what could be causing this?

To Reproduce

Install the latest msal and pymsalruntime, and run the following script which runs through the PoP authentication flow with Microsoft Graph.

https://gist.github.com/pvaneck/d304306a303c8d6ad8ccac52d995f4a8

Expected behavior

The request to the Graph endpoint should yield a 200 response.

What you see instead

A 401 response is returned with a ServerNonceInvalidSignature error.

The MSAL Python version you are using

msal==1.31.0
pymsalruntime==0.17.1

Metadata

Metadata

Assignees

Labels

public-client

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions