@ thanks @AmanpreetSingh-MSFT
I have put 4 screens while I open the Teams app on my AAD joined Win10 laptop.
If you focus on the first screen, I can use any of the 3 accounts that are displayed.
Those are all Windows account meaning there is PRT in the system.
However, I decided to use different account
So I hit "use another account or sign up" link available at the bottom of the screen.
I was taken to the next screen to put my UPN as I have attached here in second screen
After completing the full authentication, I am on Teams app with this new account
by the way, all these screens that we I have attached where user is putting his credentials are in browser context. Right ?
as you can see in first screenshot, there are already 3 PRTs available in this windows-session.
Since that is the maximum number of PRTs possible in one windows-session, I will not be shown the screen “stay signed into all your apps” at the end after user finished authentication of new account as shown in the last 3 screenshots
So when app makes a call like
var pca = PublicClientApplicationBuilder.Create("client_id")
.WithExperimentalFeatures() // in public preview
.WithBroker()
.Build();
My question is, what is the purpose of involving the broker i.e., WAM when we already reached the maximum number of PRT possible.
What difference would it make if the app had used MSAL without WAM ?
My understanding since we are using WAM
the temp-oauth-code will go to WAM redirect-uri and WAM will collect refresh-token and hand it over to the app.
Thanks.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 31%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
