[Bug] NullReferenceException in iOSTokenCacheAccessor.GetTeamId() when initializing PublicClientApplication in MAUI app #5540
Description
Library version used
4.77.1 and 4.70.2
.NET version
9.0.306 (.NET MAUI)
Scenario
PublicClient - mobile app
Is this a new or an existing app?
The app is in production
Issue description and reproduction steps
When initializing PublicClientApplication inside a .NET MAUI project targeting iOS, the app crashes with a System.NullReferenceException during the Keychain access setup.
Steps to reproduce:
- Create a .NET MAUI app targeting iOS.
- Install the latest version of Microsoft.Identity.Client.
- Initialize the MSAL client:
var pca = PublicClientApplicationBuilder
.Create("<client_id>")
.WithRedirectUri("<redirect_uri>")
.Build();
- Run the app on an iOS simulator or device.
Expected behavior:
The MSAL client initializes successfully without exceptions.
Actual behavior:
The app crashes at launch with the following exception trace:
System.NullReferenceException: Object reference not set to an instance of an object.
at Security.SecRecord.Fetch(IntPtr key) in /Users/builder/azdo/_work/1/s/macios/src/Security/Items.cs:line 1057
at Security.SecRecord.FetchObject(IntPtr key) in /Users/builder/azdo/_work/1/s/macios/src/Security/Items.cs:line 1062
at Security.SecRecord.FetchString(IntPtr key) in /Users/builder/azdo/_work/1/s/macios/src/Security/Items.cs:line 1067
at Security.SecRecord.get_AccessGroup() in /Users/builder/azdo/_work/1/s/macios/src/Security/Items.cs:line 1829
at Microsoft.Identity.Client.Platforms.iOS.iOSTokenCacheAccessor.GetTeamId()
at Microsoft.Identity.Client.Platforms.iOS.iOSTokenCacheAccessor.SetiOSKeychainSecurityGroup(String keychainSecurityGroup)
at Microsoft.Identity.Client.Platforms.iOS.iOSTokenCacheAccessor..ctor()
at Microsoft.Identity.Client.Platforms.iOS.iOSPlatformProxy.CreateTokenCacheAccessor(CacheOptions tokenCacheAccessorOptions, Boolean isApplicationTokenCache)
at Microsoft.Identity.Client.TokenCache..ctor(IServiceBundle serviceBundle, Boolean isApplicationTokenCache, ILegacyCachePersistence legacyCachePersistenceForTest)
at Microsoft.Identity.Client.ClientApplicationBase..ctor(ApplicationConfiguration config)
at Microsoft.Identity.Client.PublicClientApplication..ctor(ApplicationConfiguration configuration)
at Microsoft.Identity.Client.PublicClientApplicationBuilder.BuildConcrete()
at Microsoft.Identity.Client.PublicClientApplicationBuilder.Build()
- The crash occurs only on iOS; Android builds work fine.
- The issue happens very early in app startup, during dependency injection (via MAUI AppDelegate).
- No Keychain customization is being applied manually.
- It appears to be a null SecRecord key in native code when fetching the iOS Team ID.
⸻
Additionally, this issue does not occur when using .NET 9.0.305 with Xcode 16.4, where the same code works perfectly.
The crash only appears after upgrading to .NET 9.0.306 and Xcode 26.
This looks like a regression in the iOS platform layer used by MSAL due to stricter null handling in SecRecord.Fetch() (in macios bindings).
The bug is reproducible on iOS only; Android builds are unaffected.
Thanks a lot, really appreciate your help on this one!
Relevant code snippets
Expected behavior
No response
Identity provider
Azure B2C Custom Policy
Regression
No response
Solution and workarounds
No response