Silent SAML authentication

testuser7 271 Reputation points
2022-10-24T18:17:43.21+00:00

Hello,

I have simple SAML app that I want to get into from one Azure-AD joined Windows 10 device.

So when the app redirects my browser to Azure-AD, the app wants to do silent authentication.
Hence the app is sending isPassive=true in the SAML request.

Everything looks logical expect that, there is NO account in the cookie.
The only account that I am operating with is the PRT
So I was in impression that Azure-AD will use the incoming PRT with the SAML request and get the SAML-assertion out for the app.

Unfortunately AAD is not doing that way.
AAD is erroring out, saying that passive form is NOT possible because there is NO ACCOUNT in the cookie.
My question is, how can app instructs silent-authentication in the request and instructs AAD to use the PRT ??

Thanks.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,181 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Lynn Niu 236 Reputation points
    2022-10-27T09:16:22.747+00:00

    You can remove prompt=none in contrast to see what will happen in chrome? Will it instruct you to login?

    0 comments No comments

  2. testuser7 271 Reputation points
    2022-10-27T18:23:26.497+00:00

    Sure will do that. Thanks @Givary-MSFT

    0 comments No comments