Hi Richard, we have this same problem. Our session settings are very long, (100 days for inactivity, 365 days to require a new login). Regarding your suggestion: By redirecting the user to the universal login page and sending them to a URL with a parameter that does not contain ‘prompt=none’ seems to defeat the purpose of a ‘Silent Auth’ does it not? Is there anything else that can be done? We are getting 1000+ ‘Failed Silent Auth’ events every few seconds.
Ryan