Single Sign On with Active Directory Does Not Behave as Expected

konrad.sopala · January 26, 2024, 3:10pm

Problem statement

An Active Directory connection for an application has been configured. The intended behavior is that it will be used for logins both from internal accounts (@contoso.com) and also from external Microsoft accounts (for example @outlook.com)

However, Single Sign On does not behave as expected. Clicking Login with Microsoft at the Login form results in an email/password prompt being displayed every time. This happens even if the user is currently logged in with a company account.

Troubleshooting

A HAR file that captures the login flow would be useful. For further details, refer to Generate and Analyze HAR Files.

Cause

The behavior may be triggered when the prompt=login parameter is passed to the /authorize endpoint.

Solution

Check to see whether the prompt=login parameter is being passed to the /authorize endpoint. If present, remove “prompt=login” from the argument string that is passed to /authorize and then attempt an SSO login again.

Topic		Replies	Views
Prompt for Credentials is redirecting to Single Sign-On(SSO) when SSO connection is not enabled for Application in Auth0 Help sso , application	0	15	August 16, 2024
Azure Active Directory SSO Login Help sso , login	5	4170	January 2, 2019
Authorization Code Flow with Prompt Setting Not Redirecting Properly Help classic-universal-login-experience , login-experience	0	810	May 4, 2023
Organization login flow Help login-experience , login-prompt-new-experience	0	350	April 9, 2024
SSO is Not Working with Organization Feature Knowledge Articles single-sign-on , organizations	1	511	December 13, 2023

Single Sign On with Active Directory Does Not Behave as Expected

Problem statement

Troubleshooting

Cause

Solution

Related topics