AzureAD · Copilot · Dec 3, 2025 · Dec 3, 2025 · Dec 3, 2025 · Dec 3, 2025
diff --git a/change/@azure-msal-browser-v5-telemetry-cherry-pick.json b/change/@azure-msal-browser-v5-telemetry-cherry-pick.json
@@ -0,0 +1,7 @@
+{
+  "type": "minor",
+  "comment": "Cherry-pick: Add Platform Telemetry (PR #7991) [#7991](https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/7991)",
+  "packageName": "@azure/msal-browser",
+  "email": "[email protected]",
+  "dependentChangeType": "patch"
+}
diff --git a/change/@azure-msal-common-v5-telemetry-cherry-pick.json b/change/@azure-msal-common-v5-telemetry-cherry-pick.json
@@ -0,0 +1,7 @@
+{
+  "type": "minor",
+  "comment": "Cherry-pick: Add Platform Telemetry [#7991](https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/7991)",
+  "packageName": "@azure/msal-common",
+  "email": "[email protected]",
+  "dependentChangeType": "patch"
+}
@@ -462,6 +462,9 @@ export class StandardController implements IController {
                     "handleRedirectPromise - acquiring token from native platform",
                     correlationId
                 );
+                rootMeasurement.add({
+                    isPlatformBrokerRequest: true,
+                });
                 const nativeClient = new PlatformAuthInteractionClient(
                     this.config,
                     this.browserStorage,
@@ -650,6 +653,9 @@ export class StandardController implements IController {
                 this.platformAuthProvider &&
                 this.canUsePlatformBroker(request)
             ) {
+                atrMeasurement.add({
+                    isPlatformBrokerRequest: true,
+                });
                 const nativeClient = new PlatformAuthInteractionClient(
                     this.config,
                     this.browserStorage,
@@ -664,14 +670,19 @@ export class StandardController implements IController {
                     this.nativeInternalStorage,
                     correlationId
                 );
+
                 result = nativeClient
                     .acquireTokenRedirect(request, atrMeasurement)
                     .catch((e: AuthError) => {
+                        atrMeasurement.add({
+                            brokerErrorName: e.name,
+                            brokerErrorCode: e.errorCode,
+                        });
                         if (
                             e instanceof NativeAuthError &&
                             isFatalNativeAuthError(e)
                         ) {
-                            this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
+                            this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
                             const redirectClient =
                                 this.createRedirectClient(correlationId);
                             return redirectClient.acquireToken(request);
@@ -771,6 +782,9 @@ export class StandardController implements IController {
         const pkce = this.getPreGeneratedPkceCodes(correlationId);
 
         if (this.canUsePlatformBroker(request)) {
+            atPopupMeasurement.add({
+                isPlatformBrokerRequest: true,
+            });
             result = this.acquireTokenNative(
                 {
                     ...request,
@@ -790,11 +804,15 @@ export class StandardController implements IController {
                     return response;
                 })
                 .catch((e: AuthError) => {
+                    atPopupMeasurement.add({
+                        brokerErrorName: e.name,
+                        brokerErrorCode: e.errorCode,
+                    });
                     if (
                         e instanceof NativeAuthError &&
                         isFatalNativeAuthError(e)
                     ) {
-                        this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
+                        this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
                         const popupClient =
                             this.createPopupClient(correlationId);
                         return popupClient.acquireToken(request, pkce);
@@ -942,10 +960,17 @@ export class StandardController implements IController {
         let result: Promise<AuthenticationResult>;
 
         if (this.canUsePlatformBroker(validRequest)) {
+            this.ssoSilentMeasurement?.add({
+                isPlatformBrokerRequest: true,
+            });
             result = this.acquireTokenNative(
                 validRequest,
                 ApiId.ssoSilent
             ).catch((e: AuthError) => {
+                this.ssoSilentMeasurement?.add({
+                    brokerErrorName: e.name,
+                    brokerErrorCode: e.errorCode,
+                });
                 // If native token acquisition fails for availability reasons fallback to standard flow
                 if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
                     this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
@@ -1108,6 +1133,9 @@ export class StandardController implements IController {
                 if (
                     this.canUsePlatformBroker(request, request.nativeAccountId)
                 ) {
+                    atbcMeasurement.add({
+                        isPlatformBrokerRequest: true,
+                    });
                     const result = await this.acquireTokenNative(
                         {
                             ...request,
@@ -1123,6 +1151,10 @@ export class StandardController implements IController {
                         ) {
                             this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
                         }
+                        atbcMeasurement.add({
+                            brokerErrorName: e.name,
+                            brokerErrorCode: e.errorCode,
+                        });
                         throw e;
                     });
                     atbcMeasurement.end(
@@ -1190,7 +1222,6 @@ export class StandardController implements IController {
                 this.acquireTokenByCodeAsyncMeasurement?.end({
                     success: true,
                     fromCache: response.fromCache,
-                    isNativeBroker: response.fromPlatformBroker,
                 });
                 return response;
             })
@@ -1878,7 +1909,6 @@ export class StandardController implements IController {
                     {
                         success: true,
                         fromCache: result.fromCache,
-                        isNativeBroker: result.fromPlatformBroker,
                         accessTokenSize: result.accessToken.length,
                         idTokenSize: result.idToken.length,
                     },
@@ -2117,7 +2147,6 @@ export class StandardController implements IController {
                     this.performanceClient.addFields(
                         {
                             fromCache: response.fromCache,
-                            isNativeBroker: response.fromPlatformBroker,
                         },
                         request.correlationId
                     );
@@ -2167,12 +2196,23 @@ export class StandardController implements IController {
                 "acquireTokenSilent - attempting to acquire token from native platform",
                 silentRequest.correlationId
             );
+            this.performanceClient.addFields(
+                { isPlatformBrokerRequest: true },
+                silentRequest.correlationId
+            );
             return this.acquireTokenNative(
                 silentRequest,
                 ApiId.acquireTokenSilent_silentFlow,
                 silentRequest.account.nativeAccountId,
                 cacheLookupPolicy
             ).catch(async (e: AuthError) => {
+                this.performanceClient.addFields(
+                    {
+                        brokerErrorName: e.name,
+                        brokerErrorCode: e.errorCode,
+                    },
+                    silentRequest.correlationId
+                );
                 // If native token acquisition fails for availability reasons fallback to web flow
                 if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
                     this.logger.verbose(

@@ -48,8 +48,7 @@ export function isFatalNativeAuthError(error: NativeAuthError): boolean {
     if (
         error.ext &&
         error.ext.status &&
-        (error.ext.status === NativeStatusCodes.PERSISTENT_ERROR ||
-            error.ext.status === NativeStatusCodes.DISABLED)
+        error.ext.status === NativeStatusCodes.DISABLED
     ) {
         return true;
     }

@@ -166,7 +166,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
         // start the perf measurement
         const nativeATMeasurement = this.performanceClient.startMeasurement(
             BrowserPerformanceEvents.NativeInteractionClientAcquireToken,
-            request.correlationId
+            this.correlationId
         );
         const reqTimestamp = TimeUtils.nowSeconds();
 
@@ -200,6 +200,9 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
                         "MSAL internal Cache does not contain tokens, return error as per cache policy",
                         this.correlationId
                     );
+                    nativeATMeasurement.end({
+                        success: false,
+                    });
                     throw e;
                 }
                 // continue with a native call for any and all errors
@@ -220,25 +223,36 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
                 .then((result: AuthenticationResult) => {
                     nativeATMeasurement.end({
                         success: true,
-                        isNativeBroker: true,
                         requestId: result.requestId,
                     });
                     serverTelemetryManager.clearNativeBrokerErrorCode();
+                    if (this.performanceClient && this.correlationId) {
+                        this.performanceClient.addFields(
+                            { isNativeBroker: true },
+                            this.correlationId
+                        );
+                    }
                     return result;
                 })
                 .catch((error: AuthError) => {
                     nativeATMeasurement.end({
                         success: false,
                         errorCode: error.errorCode,
                         subErrorCode: error.subError,
-                        isNativeBroker: true,
                     });
                     throw error;
                 });
         } catch (e) {
             if (e instanceof NativeAuthError) {
                 serverTelemetryManager.setNativeBrokerErrorCode(e.errorCode);
             }
+            nativeATMeasurement.end({
+                success: false,
+                ...(e instanceof NativeAuthError && {
+                    brokerErrorName: e.name,
+                    brokerErrorCode: e.errorCode,
+                }),
+            });
             throw e;
         }
     }
@@ -284,7 +298,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
             {
                 nativeAccountId,
             },
-            request.correlationId
+            this.correlationId
         );
 
         if (!account) {
@@ -1144,7 +1158,7 @@ export class PlatformAuthInteractionClient extends BaseInteractionClient {
                 embeddedClientId: child_client_id,
                 embeddedRedirectUri: child_redirect_uri,
             },
-            request.correlationId
+            this.correlationId
         );
     }
 }
@@ -83,6 +83,14 @@ async function getStandardParameters(
         // signal ests that this is a WAM call
         RequestParameterBuilder.addNativeBroker(parameters);
 
+        // instrument JS-platform bridge specific fields
+        performanceClient.addFields(
+            {
+                isPlatformAuthorizeRequest: true,
+            },
+            request.correlationId
+        );
+
         // pass the req_cnf for POP
         if (
             request.authenticationScheme === Constants.AuthenticationScheme.POP

@@ -3,12 +3,12 @@ import {
     NativeAuthErrorCodes,
     createNativeAuthError,
     isFatalNativeAuthError,
-} from "../../src/error/NativeAuthError";
+} from "../../src/error/NativeAuthError.js";
 import {
     InteractionRequiredAuthError,
     InteractionRequiredAuthErrorCodes,
 } from "@azure/msal-common";
-import * as NativeStatusCode from "../../src/broker/nativeBroker/NativeStatusCodes";
+import * as NativeStatusCode from "../../src/broker/nativeBroker/NativeStatusCodes.js";
 import {
     BrowserAuthErrorCodes,
     BrowserAuthError,
@@ -17,7 +17,7 @@ import {
 describe("NativeAuthError Unit Tests", () => {
     describe("NativeAuthError", () => {
         describe("isFatal tests", () => {
-            it("should return true for isFatal when WAM status is PERSISTENT_ERROR", () => {
+            it("should return false for isFatal when WAM status is PERSISTENT_ERROR", () => {
                 const error = new NativeAuthError(
                     "testError",
                     "testErrorDescription",
@@ -28,7 +28,7 @@ describe("NativeAuthError Unit Tests", () => {
                         status: NativeStatusCode.PERSISTENT_ERROR,
                     }
                 );
-                expect(isFatalNativeAuthError(error)).toBe(true);
+                expect(isFatalNativeAuthError(error)).toBe(false);
             });
 
             it("should return true for isFatal when WAM status is DISABLED", () => {