
When a user is a member of many groups in Entra, they end up with HTTP 431

Open hajekj opened this issue 6 months ago • 1 comments

Reopening #435 and #425

Why would you store group memberships in the cookies? If it is because it returns with the token, you can just configure the app registration to omit them - https://learn.microsoft.com/en-us/entra/identity-platform/optional-claims?tabs=appui#configuring-groups-optional-claims

I tried looking through the docs and didn't find any reference to usage of groups anyways. So why not just remove it from the token = solved?

This seems like a fairly simple fix. Any chance anyone can look into it? It is quite an annoying issue.

I blogged about this general issue a while ago - https://hajekj.net/2017/10/30/the-dangers-of-too-many-cookies-on-a-website/

/cc: @derekbekoe

hajekj, May 06 '25 13:05
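
The size effect described in the issue above, as an added example that is not part of the original post or of the dev-tunnels code: it measures how much of a `Cookie` header a token's `groups` claim accounts for, and whether the header would still exceed a limit once the claim is omitted. Assumptions: the token is stored whole in a single cookie (hypothetical name `auth`), the header budget is 8 KiB, and the token is a constructed, unsigned sample with made-up group IDs.

```python
import base64
import json
import uuid

# Assumption: 8 KiB budget for request headers; the real limit depends on the
# server or proxy in front of the application.
HEADER_LIMIT = 8 * 1024

def _b64url(obj: dict) -> str:
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(group_count: int) -> str:
    """Constructed, unsigned JWT-shaped sample carrying `group_count` group IDs."""
    claims = {"sub": "user@example.test", "name": "Example User",
              "groups": [str(uuid.UUID(int=i)) for i in range(group_count)]}
    return ".".join([_b64url({"alg": "none", "typ": "JWT"}), _b64url(claims), "sig"])

def decode_claims(token: str) -> dict:
    """Decode the payload segment without verifying it (size analysis only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))

def cookie_report(token: str, cookie_name: str = "auth") -> dict:
    """Compare Cookie header size with and without the `groups` claim."""
    head, _, sig = token.split(".")
    claims = decode_claims(token)
    slim = {k: v for k, v in claims.items() if k != "groups"}
    slim_token = ".".join([head, _b64url(slim), sig])
    size = lambda t: len(f"Cookie: {cookie_name}={t}\r\n")
    with_groups, without = size(token), size(slim_token)
    return {"groups": len(claims.get("groups", [])),
            "with_groups": with_groups, "without_groups": without,
            "groups_bytes": with_groups - without,
            "over_limit": with_groups > HEADER_LIMIT,
            "over_limit_without_groups": without > HEADER_LIMIT}

if __name__ == "__main__":
    for n in (5, 50, 200):  # constructed membership counts
        print(cookie_report(make_token(n)))
```
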