Previous User Still Logged In: SAML Enterprise Connection to Microsoft Entra ID (Azure AD) SP-Initiated flow

konrad.sopala · December 13, 2023, 9:41am

Problem statement

With SP-Initiated flow, try to log in as user1@example.com while the user logged in to Microsoft Entra ID (Azure AD) as user2@example.com, but the user still logged in as user2@example.com.

This is expected behavior since the user has a session with IdP as user2@example.com.

The user needs to do a federated logout from IdP first and then log in with the new email address (In this case, user1@example.com). Refer to the Log Users Out of SAML Identity Providers guide for more information.

Related References

Topic		Replies	Views
Forward login hint to Microsoft Entra ID with SAML Connection Help connections , saml-enterprise-connection	0	394	June 12, 2024
Pre Registation Flow with SAML User Help login-experience , signup-prompt-new-experience	4	686	October 27, 2023
IdP-Initiated SSO with Azure as IdP: Invalid State Help saml , openid	4	4741	October 21, 2020
IdP-Initiated SSO and specifying different scopes and Auth0 applications Help saml , samlp	4	4387	January 19, 2019
Block IDP initiated flow in Auth0 SP Help saml , auth0 , idp-initiated	1	3502	March 12, 2020