I’ve implemented OneDrive integration to allow users to save reports directly to their OneDrive accounts, using Microsoft OAuth to obtain the access token. For the most part, the integration is working as expected.
However, we’re encountering an issue with certain user accounts. Microsoft is returning both a session_state parameter and the authorization code together in the query string during the redirect. When both session_state and code are present in the URL, Auth0’s authentication flow is unexpectedly triggered, causing users to be redirected to the home page after re-authentication, which disrupts the flow.
I’ve been stuck on this issue for several days now and haven’t found a solution. It seems to be related to how Auth0 handles this specific case. Any advice or suggestions for resolving this would be greatly appreciated.