Set the ' PromptLoginBehavior' in your federated domain settings to ' Disabled'. If you want to enable certificate-based authentication for these apps, you need to modify the default Azure AD behavior. By default, Azure AD translates ' prompt=login' in the request to AD FS as ' wauth=usernamepassworduri' (asks AD FS to do U/P Auth) and ' wfresh=0' (asks AD FS to ignore SSO state and do a fresh authentication). Office apps with modern authentication enabled send ' prompt=login' to Azure AD in their request.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |