Yes, you can enable seamless single sign-on (SSO) experiences for users by configuring Azure AD to remember their sign-in information across sessions. This can be achieved through various methods such as persistent cookies, session tokens, or device-based authentication. Here are some options you can explore:
Persistent Cookies: Configure Azure AD to issue persistent cookies to users upon successful authentication. Persistent cookies can be set to expire after a certain period, allowing users to remain signed in across sessions without having to re-enter their email addresses frequently.
Session Tokens: Utilize session tokens to maintain the user's authentication state across sessions. When users sign in initially, Azure AD issues a session token that can be used to authenticate subsequent requests without requiring the user to re-enter their credentials.
Device-based Authentication: Azure AD supports device-based authentication methods such as device registration and Azure AD Join. By associating authentication tokens with specific devices, users can seamlessly access applications without re-entering their email addresses, as long as they are using the registered device.
Conditional Access Policies: Implement conditional access policies in Azure AD to define rules for user authentication based on various factors such as location, device, or risk level. You can configure policies to allow seamless authentication for trusted devices or locations while enforcing additional authentication steps for higher-risk scenarios.
Remember Me Functionality: Some applications may offer a "Remember Me" or "Keep me signed in" option on the login page. Enabling this feature allows users to opt in to persistent authentication, reducing the frequency of sign-in prompts.
It's essential to balance security and user experience when implementing seamless SSO. Consider factors such as the sensitivity of the applications and data accessed, regulatory requirements, and user preferences when configuring authentication settings in Azure AD. Additionally, ensure that users are educated about the implications of persistent authentication and have mechanisms to revoke access if needed.
If this helps you, please select my answer as 'Accepted Answer'.
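As an added example (not part of the original answer), the following check audits Conditional Access policy bodies for persistent browser sessions that lack a trusted-device scope or an expiry, the trade-off the answer describes. The field names follow Microsoft Graph's conditionalAccessPolicy resource; the sample policies, their display names and the two audit rules are assumptions constructed for illustration.

```python
# Added example: audit Conditional Access policy bodies (Microsoft Graph
# conditionalAccessPolicy shape). Policies and audit rules are constructed.
def audit_session_persistence(policy):
    """Return findings for one policy dict (empty list means no findings)."""
    if policy.get("state") != "enabled":
        return []  # disabled or report-only policies do not change sessions
    session = policy.get("sessionControls") or {}
    persistent = session.get("persistentBrowser") or {}
    frequency = session.get("signInFrequency") or {}
    devices = (policy.get("conditions") or {}).get("devices") or {}
    findings = []
    if persistent.get("isEnabled") and persistent.get("mode") == "always":
        if not devices.get("deviceFilter"):
            findings.append("persistent session not scoped to trusted devices")
        if not frequency.get("isEnabled"):
            findings.append("persistent session has no sign-in frequency limit")
    return findings

BASE_CONDITIONS = {
    "users": {"includeUsers": ["All"]},
    "applications": {"includeApplications": ["All"]},
    "clientAppTypes": ["browser"],
}

SAMPLE_POLICIES = [
    {   # weak: every browser on any device stays signed in indefinitely
        "displayName": "sample-persist-everywhere",
        "state": "enabled",
        "conditions": dict(BASE_CONDITIONS),
        "sessionControls": {"persistentBrowser": {"isEnabled": True, "mode": "always"}},
    },
    {   # corrected: compliant devices only, re-authentication every 30 days
        "displayName": "sample-persist-compliant-only",
        "state": "enabled",
        "conditions": dict(BASE_CONDITIONS, devices={"deviceFilter": {
            "mode": "include", "rule": "device.isCompliant -eq True"}}),
        "sessionControls": {
            "persistentBrowser": {"isEnabled": True, "mode": "always"},
            "signInFrequency": {"isEnabled": True, "type": "days", "value": 30},
        },
    },
]

def audit_all(policies):
    return {p["displayName"]: audit_session_persistence(p) for p in policies}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_POLICIES).items():
        print(name, "->", findings or "ok")
```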