SSO doesn't automatically sign users in

nmw748 1 Reputation point
2022-11-01T13:59:04.377+00:00

I'm trying to create a single sign on app for our students to use on one of the websites they sign into the most. On this website, there already is a 'sign in with Microsoft' option that I created and it works fine. However, when I add the app to myapps.microsoft.com and the students click on it, it takes them to the sign in page of the website, but doesn't automatically sign them in. I believe I have set the redirect urls and everything properly, so not sure what else I could be missing. I've included a couple screenshots, but let me know if you need more information. Thank you in advance.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,190 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 35,806 Reputation points Microsoft Employee
    2022-11-01T22:45:56.963+00:00

    Hi @nmw748 ,

    Thanks for your post! In your screenshots I only see the Homepage URL. Do you have more than one Reply URL set? You can set multiple reply URLs in a given enterprise application but the token can only be posted to one of the Reply URLs configured in the application, depending on which Reply URL or Assertion Consumer Service URL is included in the authentication request. If the Assertion Consumer Service URL is not included, the SAML Response will be sent to the first Reply URL in the list. (And this should be the URL where you want to direct your users after sign-in.)

    For a ReplyURL that honors an SP-initiated flow, the AssertionConsumerServiceUrl parameter needs to be present in AuthnRequest which is generated by application or else any Reply Address configured in Azure AD can be selected for user redirection.

    -

    If the information helped you, please Accept the answer. This will help us and other members of the community as well.