Back
Microsoft SSO Session Secret
hi, I am trying to authenticate using the session secret generated when logged in using microsoft SSO. it works when I create a session using email and password but it's not working when I use the secret from microsoft SSO session
if I generate JWT and use setJWT, it works but only for 15 minutes. hence I am trying to use setSession instead for longer session expiry:
TypeScript
sessionPayload.session: {
$id: '67ad302a6fc23dc69f06',
$createdAt: '2025-02-12T23:35:06.460+00:00',
$updatedAt: '2025-02-12T23:35:06.460+00:00',
userId: 'redacted',
expire: '2026-02-12T23:35:06.457+00:00',
provider: 'microsoft',
providerUid: '9c407a08-9a02-4fec-8fa5-e5e57155f019',
providerAccessTokenExpiry: '2025-02-13T00:55:04.457+00:00',
providerAccessToken: 'redacted',
providerAccessToken: 'redacted',
ip: 'redacted',
osCode: 'WIN',
osName: 'Windows',
osVersion: '10',
clientType: 'browser',
clientCode: 'PS',
clientName: 'Microsoft Edge',
clientVersion: '132.0',
clientEngine: 'Blink',
clientEngineVersion: '132.0.0.0',
deviceName: 'desktop',
deviceBrand: '',
deviceModel: '',
countryCode: 'us',
countryName: 'United States',
current: false,
factors: [ 'email', 'oauth2' ],
secret: 'f89f31b1c0fa9ed998a55e537f1436fd78655d8b2860be0d43aa2d0d401f2545',
mfaUpdatedAt: ''
}
AppwriteException: User (role: guests) missing scope (account)
console.log("sessionPayload.session: ", sessionPayload.session);
const client = new Client().setEndpoint(process.env.CMS_ENDPOINT).setProject(process.env.CMS_PROJECT_ID).setSession(sessionPayload.session.secret);
const account = new Account(client);
userAccount = await account.get();
TL;DR
Developers are having issues with setting a longer session expiry using Microsoft SSO secret. The solution is to use `setJWT` with JWT generation for a longer session period instead of `setSession`. 