MSAL - Net Throttling (Cache Tokens) ??

When i Use the SQL Doc application to document a simple Azure DB  i get the following error;

Microsoft.Data.SqlClient.SqlException (0x80131904): Failed to authenticate the user <USERNAME> in Active Directory (Authentication=ActiveDirectoryPassword).
Error code 0xinvalid_grant
Your app has been throttled by AAD due to too many requests. To avoid this, cache your tokens see https://aka.ms/msal-net-throttling.

Are you able to advise where in the Azure Portal I can get this supported as the link above - basically tells me how to write code to support this.  
Tagged:

Best Answer

  • Jon_KirkwoodJon_Kirkwood Posts: 441 Gold 1
    Hi all, 

    Sorry that this issue is persisting for you, we have had some reports of users resolving this by changing their authentication method.

    If you are using the following connection method:
    Active Directory integrated authentication (Azure)
     
    Can you please try changing it to
    Active Directory universal with MFA authentication (Azure)
    and advising if this error is still persisting.


    Jon Kirkwood | Technical Support Engineer | Redgate Software

Answers

  • Hi @Namshub101

    Thank you for contacting Redgate support regarding your SQL Doc query.
    Sorry you are getting an error when accessing an Azure DB 

    I've had a look through our knowledge base and am not familiar with this error occurring in our products before. Are you able to share a screenshot of the error so I can see what is going on.

    Can you confirm the version of SQL Doc you are running.
    Our latest version is v5.2.5. If you are running an older version are you able to patch and advise if the error still occurs. Download for this version is available here:
    https://download.red-gate.com/checkforupdates/SQLDoc/SQLDoc_5.2.5.3318.exe


    Finally, if the error is still occurring can you please provide a copy of your log files so we can investigate further. Please set logging to Verbose
    https://documentation.red-gate.com/sdoc/troubleshooting/logging-and-log-files

    You can upload the logs to this unique link - it will be active for 14 days
    https://files.red-gate.com/requests/JTJ7cGoxbAeS4MDAtiIdIF

    Jon Kirkwood | Technical Support Engineer | Redgate Software
  • @Namshub101 - have received your file upload

    Shall look at the error log & screenshots and discuss with the SQL Doc product experts and expect to provide an update shortly
    Jon Kirkwood | Technical Support Engineer | Redgate Software
  • Hi @Namshub101

    Our development team are looking into this and are wondering if you are able to assist by downgrading your SQL Doc version to v5.2.2 and advise if you are still getting this throttling error

    Download link is here:
    https://download.red-gate.com/checkforupdates/SQLDoc/SQLDoc_5.2.2.2893.exe

    Looking forward to your feedback regarding this and hopefully lead to a fix.
    Jon Kirkwood | Technical Support Engineer | Redgate Software
  • Hi

    I can confirm that downgrading the tool worked and i can now complete a documentation task against the failing database
  • Thanks for confirming that, I will escalate this to our developers to investigate as a potential bug.
    Would suggest staying on v5.2.2 until a new release is made available referencing a fix to Azure/Active Directory authentication. 

    I will attempt to come back to this thread with an update but would also suggest monitoring the SQL Doc release notes:
    https://documentation.red-gate.com/sdoc/release-notes-and-other-versions/sql-doc-5-2-release-notes
    Jon Kirkwood | Technical Support Engineer | Redgate Software
  • Our developers have announced release of v5.2.6 which has included support for SSMS 19 GA and potential fix for this throttling error.

     

    Can you please patch at your earliest convenience and verify if this issue has now been resolved.

     

    Download link here:

    https://download.red-gate.com/checkforupdates/SQLDoc/SQLDoc_5.2.6.3425.exe

     

    Version 5.2.6 - February 22nd, 2023

    Features

    • Added support for SSMS 19 GA.
    Jon Kirkwood | Technical Support Engineer | Redgate Software
  • Namshub101Namshub101 Posts: 7 Bronze 1
    Hi unfortunately the new release did not fix the issue and reverted back to the same issue with.

    Microsoft.Data.SqlClient.SqlException (0x80131904): Failed to authenticate the user <accountname>  in Active Directory (Authentication=ActiveDirectoryPassword).
    Error code 0xinvalid_grant
    Your app has been throttled by AAD due to too many requests. To avoid this, cache your tokens see https://aka.ms/msal-net-throttling.
       at Microsoft.Data.SqlClient.SqlInternalConnectionTds.GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
       at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OnFedAuthInfo(SqlFedAuthInfo fedAuthInfo)
       at Microsoft.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
       at Microsoft.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
       at Microsoft.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
       at Microsoft.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover, Boolean isFirstTransparentAttempt, Boolean disableTnir)
       at Microsoft.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
       at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
       at Microsoft.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, ServerCertificateValidationCallback serverCallback, ClientCertificateRetrievalCallback clientCallback, DbConnectionPool pool, String accessToken, SqlClientOriginalNetworkAddressInfo originalNetworkAddressInfo, Boolean applyTransientFaultHandling)
       at Microsoft.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
       at Microsoft.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
       at Microsoft.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
       at Microsoft.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
       at Microsoft.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)
       at Microsoft.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry, SqlConnectionOverrides overrides)
       at Microsoft.Data.SqlClient.SqlConnection.Open(SqlConnectionOverrides overrides)
       at RedGate.SQLDoc.Engine.ContentRender.SQLQuery.SQLQueryExecutor.GetVersion(IProject project)
       at RedGate.SQLDoc.Engine.ContentRender.SQLQuery.SQLQueryExecutor.GetCreationDates(IProject project, String databaseName, String syscollection, Char objectType)
       at RedGate.SQLDoc.Engine.ContentRender.SQLQuery.SQLQueryExecutor.GetViewTableInformation(IProject project, String databaseName, String fullyQualifiedObjectName)
       at RedGate.SQLDoc.Engine.Utils.Cache`4.Get(TIn1 input1, TIn2 input2, TIn3 input3)
       at RedGate.SQLDoc.Engine.ContentRender.Extract.ExtractViewTableBase.GetCreatedAndModified(String& created, String& updated, String fullyQualifiedName)
       at RedGate.SQLDoc.Engine.ContentRender.Extract.ExtractTable.ExtractProperties()
       at RedGate.SQLDoc.Engine.ContentRender.Extract.ExtractObject`1.AddProperties()
       at RedGate.SQLDoc.Engine.ContentRender.Extract.ExtractDatabaseObject.ExtractBody()
       at RedGate.SQLDoc.Engine.ContentRender.Extract.ExtractStandardNode`1.GetContentRaw()
       at RedGate.SQLDoc.Engine.ContentRender.Extract.ExtractStandardNode`1.GetContent()
       at RedGate.SQLDoc.Engine.ContentRender.Producer.Word.ProduceWord.ProduceNode(Content content)
       at RedGate.SQLDoc.Engine.ContentRender.Producer.TrackedRendererProducer.ProduceNodes(ProgressPercentageTracker tracker, IProducer myProducer, Content content, Int32 depth)
       at RedGate.SQLDoc.Engine.ContentRender.Producer.TrackedRendererProducer.ProduceNodes(ProgressPercentageTracker tracker, IProducer myProducer, Content content, Int32 depth)
       at RedGate.SQLDoc.Engine.ContentRender.Producer.TrackedRendererProducer.ProduceNodes(ProgressPercentageTracker tracker, IProducer myProducer, Content content, Int32 depth)
       at RedGate.SQLDoc.Engine.ContentRender.Producer.TrackedRendererProducer.ProduceNodes(ProgressPercentageTracker tracker, IProducer myProducer, Content content, Int32 depth)
       at RedGate.SQLDoc.Engine.ContentRender.Producer.TrackedRendererProducer.ProduceNodes(ProgressPercentageTracker tracker, IProducer myProducer, Content content, Int32 depth)
       at RedGate.SQLDoc.Engine.ContentRender.Producer.TrackedRendererProducer.Produce(ProgressPercentageTracker tracker, RenderContext render, Content content)
       at RedGate.SQLDoc.Engine.DocumentationEngine.DocumentFromTree(ProgressPercentageTracker tracker)
       at RedGate.SQLDoc.Engine.DocumentationEngine.DocumentAllItems(ProgressPercentageTracker tracker)
       at RedGate.SQLDoc.Engine.DocumentationEngine.DocumentDatabases(String serverName)
       at RedGate.Shared.Controls.ProgressDialogEx.<>c__DisplayClass82_1.<DoTasks>b__0(Object q)
    ClientConnectionId:63155426-06af-48b2-b677-7fca45aa6afc
  • sperry1625sperry1625 Posts: 5 New member
    This same issue is happening to me.
  • Namshub101Namshub101 Posts: 7 Bronze 1
    Any further feedback? - should i raise this now as a support ticket?
  • DejjuBDejjuB Posts: 2 New member
    I am still getting this error in version 5.2.6.3425


  • Namshub101Namshub101 Posts: 7 Bronze 1
    edited March 29, 2023 7:00AM
    removed 
  • Namshub101Namshub101 Posts: 7 Bronze 1
    Hi 
    I can confirm that this work around worked (when i managed to get my correct Admin account format - hence removal of the last updated
  • DejjuBDejjuB Posts: 2 New member
    @Jon_Kirkwood 's advise to use MFA authentication worked with 5.2.6.3425
    Active Directory universal with MFA authentication (Azure)
Sign In or Register to comment.