Prevent web app from auto-sign in with incorrect account

George Luff 0 Reputation points
2024-04-03T14:14:34.55+00:00

I am developing a C# web app which uses Entra ID authorization and is connected to a Customer tenant instance. I have multiple additional user/auth requirements which I am handling using Graph API. All of this works so far - running the app in VS2022 redirects to a Microsoft login screen, where I am able to enter the details of a user account from the correct tenant, and thence proceed to use the app.

My issue is that if another Microsoft account is already logged in with the browser, one that is not on the tenant, the app attempts to sign in as that other account which obviously causes issues. Is there a way to stop this from happening? The app registration in Entra is already restricted to single-tenant and if indeed I use a clean browser and try to log in with an out-of-tenant Microsoft account, the log-in fails as intended. I am only experiencing this issue when I run the app and the browser is already signed in as an out-of-tenant account, or if I sign-out of the app after using the correct account, and another Microsoft account is still logged on.

.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,367 questions
ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,157 questions
Blazor
Blazor
A free and open-source web framework that enables developers to create web apps using C# and HTML being developed by Microsoft.
1,385 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,234 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,455 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Bruce (SqlWork.com) 55,601 Reputation points
    2024-04-03T21:29:08.1633333+00:00

    for testing you can use a private session, which will always require a login.

    0 comments No comments