Unhandled Bad Request when Login Page is left open
When a user goes to a B2C login page and waits a certain amount of time (seems like 4 hours) and then tries to login the page has an unhandled error.
If its a local account, then the ajax call fails and the page does not handle it so the user can attempt to login over and over with nothing happening.
If it is a Identity Provider login, then the page heads to a empty page with just the words bad request. The image is attached.
It appears that the problem occurs because the state properties are validated before any other logic. When they are expired, then the page just fails instead of redirecting back to the return url with an error message.
This is a bad experience and there is no way for us to protect users from this situation because it is all on the microsoft side.
Please handle this error properly and redirect back to the return url with an error code that we can properly handle.

3 comments
-
Dimitri commented
Any update or fix?
-
Ken Wong commented
Yes, absolutely shocking experience.
-
Tushar Raj commented
Do we have any updates on this because I am also facing the same issue.