Skip to content

AccountInfo.username is no longer populated for Azure B2C token #8205

Open
Open
AccountInfo.username is no longer populated for Azure B2C token#8205
Labels
Needs: Attention 👋Awaiting response from the MSAL.js teamb2cRelated to Azure B2C library-specific issuesbug-unconfirmedA reported bug that needs to be investigated and confirmedmsal-browserRelated to msal-browser packagemsal-reactRelated to @azure/msal-reactpublic-clientIssues regarding PublicClientApplicationsquestionCustomer is asking for a clarification, use case or information.
@cjbanna

Description

@cjbanna
cjbanna
opened on Dec 15, 2025

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

4.27.0

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

3.0.23

Public or Confidential Client?

Public

Description

The username property is no longer provided in AccountInfo for Azure B2C token.

I traced the problem to release 4.19.0. This was working in 4.18.0.

Here is the relevant react code:

const { instance } = useMsal();
const account = instance.getActiveAccount();
const username = account?.username; // This property is always empty starting in 4.19.0

Here is a sample of the idToken from Azure B2C

{
  "alg": "RS256",
  "kid": "<redacted>",
  "typ": "JWT"
}.{
  "exp": 1765830198,
  "nbf": 1765826598,
  "ver": "1.0",
  "iss": "https://<redacted>.b2clogin.com/<redacted>/v2.0/",
  "sub": "9ea8c064-<redacted>",
  "aud": "3740edc9-<redacted>",
  "nonce": "019b2377-66b7-7953-b4aa-e8c748cdfa54",
  "iat": 1765826598,
  "auth_time": 1765826596,
  "oid": "9ea8c064-<redacted>",
  "emails": [
    "myemail@domain.com"
  ],
  "tfp": "B2C_1_SignUpSignIn"
}.[Signature]

I can workaround the problem by pulling the username from the emails claim.

const username = account?.idTokenClaims?.emails?.[0]

Maybe the behavior in 4.18.0 where username is populated from this type of token was not supported? I'm confused because I didn't expect breaking changes in a minor release.

Error Message

No response

MSAL Logs

No response

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

{
  auth: {
    clientId: import.meta.env.REACT_APP_AZURE_AD_CLIENT_ID ?? "",
    authority: import.meta.env.REACT_APP_AZURE_AD_AUTHORITY,
    knownAuthorities: [import.meta.env.REACT_APP_AZURE_AD_KNOWN_AUTHORITIES],
    redirectUri: import.meta.env.REACT_APP_AZURE_AD_REDIRECT_URI,
  },
  cache: {
    cacheLocation: "sessionStorage",
    storeAuthStateInCookie: false,
  },
}

Relevant Code Snippets

const { instance } = useMsal();
const account = instance.getActiveAccount();
const username = account?.username;

Reproduction Steps

  1. Obtain an idToken from Azure B2C using a standard "sign-up-sign-in" flow
  2. Use react hook useMsal() to get an instance
  3. Get the active account from the IPublicClientApplication instance
  4. Try to read the username property on the returned AccountInfo

Expected Behavior

Expected: username property populated withe the email address for the Azure B2C user. This is the observed behavior in 4.18.0

Identity Provider

Azure B2C Basic Policy

Browsers Affected (Select all that apply)

Firefox

Regression

@azure/msal-browser 4.18.0

Metadata

Metadata

Assignees

No one assigned

    Labels

    Needs: Attention 👋Awaiting response from the MSAL.js teamb2cRelated to Azure B2C library-specific issuesbug-unconfirmedA reported bug that needs to be investigated and confirmedmsal-browserRelated to msal-browser packagemsal-reactRelated to @azure/msal-reactpublic-clientIssues regarding PublicClientApplicationsquestionCustomer is asking for a clarification, use case or information.

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions