Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Optimize OIDC and instance discovery calls #440

Open
bgavrilMS opened this issue Jul 3, 2023 · 0 comments
Open

[Feature Request] Optimize OIDC and instance discovery calls #440

bgavrilMS opened this issue Jul 3, 2023 · 0 comments
Labels
enhancement New feature or request

Comments

@bgavrilMS
Copy link
Member

High scale, multi-tenant applications should not have to perform too many discovery calls, as this affects their performance.

OIDC Discovery

MSALs have no need for OIDC discovery from AAD (and even ADFS) authorities. Instead, MSAL can pre-compute the token and authorization endpoints.

Instance discovery

There are several optimizations that can be done here, see full spec here

The simplest is add a simple static cache between HOSTNAME and instance discovery result

instance_discovery_cache [ "login.microsoft.com"] = JSON

This will solve most problems, except for command line apps performing instance discovery on each call to GetAccounts / AcquireTokenSilent. If needed to implement, please track separately. WAM should not require this.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bgavrilMS