Single Sign On with Active Directory Does Not Behave as Expected

Problem statement

An Active Directory connection has been configured for an application. The intended behavior is that the connection handles logins both from internal accounts (@contoso.com) and from external Microsoft accounts (for example @outlook.com).

However, Single Sign On does not behave as expected. Clicking Login with Microsoft on the Login form results in an email/password prompt every time. This happens even when the user already has an active session with a company account, where a silent sign-in is expected.

Troubleshooting

A HAR file that captures the login flow is useful here: it records the request to the /authorize endpoint together with its query parameters, which is where the cause can be confirmed. For further details, refer to Generate and Analyze HAR Files.

Cause

This behavior occurs when the prompt=login parameter is passed to the /authorize endpoint. In OpenID Connect, prompt=login instructs the authorization server to re-authenticate the user even if a valid session already exists, so every login attempt shows the credential prompt regardless of whether the user is currently signed in.

Solution

Inspect the /authorize request in the HAR file and check whether its query string contains prompt=login. If present, remove "prompt=login" from the arguments the application passes to /authorize (this is usually set where the application or its SDK builds the authorization request) and then attempt an SSO login again. Note that prompt=login is sometimes set deliberately to force re-authentication before sensitive operations; remove it only from the flows where silent sign-in with an existing session is the intended behavior.
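The following is an added example of the check described above, written for this article and not code from Auth0 or from the application in question. It parses a HAR document, lists every request to an /authorize endpoint, reports which of them carry prompt=login, and shows what the corrected query string looks like once that value is removed. The HAR excerpt, the tenant hostname, the client_id, and the connection name are constructed placeholders, not captured data.

```python
import json
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Constructed HAR excerpt (not a real capture). The hostnames, client_id and
# connection name are placeholders. The first entry carries prompt=login,
# the second is unrelated, the third is an /authorize request without it.
SAMPLE_HAR = json.dumps({
    "log": {"entries": [
        {"request": {"method": "GET",
                     "url": "https://example.auth0.com/authorize?client_id=abc123"
                            "&response_type=code"
                            "&redirect_uri=https%3A%2F%2Fapp.example.com%2Fcallback"
                            "&connection=contoso-ad&prompt=login&state=xyz"}},
        {"request": {"method": "GET",
                     "url": "https://app.example.com/static/app.js"}},
        {"request": {"method": "GET",
                     "url": "https://example.auth0.com/authorize?client_id=abc123"
                            "&response_type=code&connection=contoso-ad&state=abc"}},
    ]}
})


def query_params(url):
    """Decoded query parameters of a URL as a dict (last value wins)."""
    return dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))


def authorize_requests(har_text):
    """Return the URL of every request in the HAR whose path ends in /authorize."""
    har = json.loads(har_text)
    urls = []
    for entry in har["log"]["entries"]:
        url = entry["request"]["url"]
        if urlsplit(url).path.rstrip("/").endswith("/authorize"):
            urls.append(url)
    return urls


def prompt_values(url):
    """OIDC allows several space-separated prompt values, e.g. 'login consent'."""
    return query_params(url).get("prompt", "").split()


def forces_login(url):
    """True when the request asks the authorization server to re-authenticate."""
    return "login" in prompt_values(url)


def strip_prompt_login(url):
    """Remove only the 'login' value from prompt, keeping any other prompt values
    and every other parameter in its original order."""
    parts = urlsplit(url)
    new_pairs = []
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key == "prompt":
            remaining = [v for v in value.split() if v != "login"]
            if remaining:
                new_pairs.append((key, " ".join(remaining)))
            continue  # prompt=login alone is dropped entirely
        new_pairs.append((key, value))
    return urlunsplit(parts._replace(query=urlencode(new_pairs)))


def audit_har(har_text):
    """(url, forces_login) for each /authorize request; the flag is what to look for."""
    return [(url, forces_login(url)) for url in authorize_requests(har_text)]


if __name__ == "__main__":
    for url, forced in audit_har(SAMPLE_HAR):
        print("FORCED LOGIN" if forced else "ok          ", url)
        if forced:
            print("  corrected:", strip_prompt_login(url))
```

Run it against an exported HAR by replacing SAMPLE_HAR with the file contents; any /authorize request flagged as forcing login is the one to trace back to the code or SDK configuration that built it.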