How can I setup an Azure SSO web application such that users can access the application by providing their User ID and Password instead of using the SSO login flow?

Sunil Ferro 1 Reputation point
2024-04-16T10:09:11.9466667+00:00

We have a web application that is configured for single sign-on with SAML in Azure. There are users (employees) setup in the Active Directory however there are other users (contractors) who are not in the Active Directory and we need to give them the ability to sign in to the application as well. Is it possible to setup the SSO web application such that users can sign in using their traditional login credentials (User ID, Password) if they do not want to use SSO?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,521 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sandeep G-MSFT 14,491 Reputation points Microsoft Employee
    2024-04-17T05:40:32.9366667+00:00

    @Sunil Ferro

    Thank you for posting this in Microsoft Q&A.

    As I understand you have an SAML application configured in Azure AD. And you want users to be prompted for credentials whenever they try to access the application. Basically, you doesn't want SSO to work for users whoever tries to access this application.

    To require users to be prompted for credentials every time they access the application, you need to update your application code to include forceAuthn="true" parameter in the authentication request. This is an SAML parameter that forces interactive authentication regardless of whether a valid PRT and/or Cookies are present or not.

    Read more: https://learn.microsoft.com/en-us/azure/active-directory/develop/single-sign-on-saml-protocol

    221698-image.png

    Let me know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.