Xamarin: Does anyone have a problem when authenticating with MSAL with option WithUseEmbeddedWebView enabled?

Serge Settels 1 Reputation point
2021-05-11T12:23:25.683+00:00

Xamarin: When using AcquireTokenInteractive to authenticate against ADFS one customer forwards their authentication to a secure token server (STS). This one shows an authentication dialog against their local AD system (that default dialog which you also get when you have a IIS website secured with windows authentication).

When using the embedded webviewer (option WithUseEmbeddedWebView(true)) the user is not forwarded (and does not display the dialog). No authentication is possible.
On iOS you get a blank page, on Android you get a page load error.
When using an external webviewer the process works the same as with a webapp. The external viewer has some disadvantages.

It seems that WithUseEmbeddedWebView has limitations, but I cannot find any reference. I do not know if I should change the behaviour for this one customer.

Does anyone have more information on this?

Environment: Xamarin Forms, latest versions, iOS latest version, Android also.
Reproduce:
AcquireTokenInteractive
you see the Microsoft login screen
you enter your email address
you are forwarded to the customer specific environment
blank screen (iOS) / error (Android) / Login dialog (when using a separate browser or disable the embeddedwebview.)
If you authenticate with another emailadres then there is no problem, since the behaviour is related to the domain of the customer.

Xamarin
Xamarin
A Microsoft open-source app platform for building Android and iOS apps with .NET and C#.
5,362 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,261 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,063 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.