Azure AD B2C social login KMSI next-best alternative

Nigel 6 Reputation points

I've been pouring over the documentation (e.g. and got my single page app working with MSAL and Azure AD B2c.

I have the session lifetime set to the maximum 24 hours (1440) and the KMSI set to 30 days (for local accounts). But for social accounts the user experience is a bit clunky. After 24 hours the user must log in again and this requires interaction. I understand the reason for having to re-authenticate ( but I'm still hoping I can improve the social sign-in experience for users. Currently, every 24 hours a social (e.g. Facebook) user goes through these steps:

1: open the app or return to their browser
2: MSAL doesn't find account so login flow is initiated
3: User is redirected to sign up/sign in flow
4: user is presented with screen with all sign in options, including multiple social accounts (Facebook, twitter, etc.....) and "don't have an account - sign up here"
5 user selects Facebook
6 user redirected back to app

My main issue is with step 4 and 5. If the user is still signed into Facebook, they only need to click the button. But can we remember their choice if they use the same browser?

To put another way, if the user is still signed into Facebook and hasn't removed my app, can step 4 and 5 be done without user interaction?

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,759 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,540 questions
0 comments No comments
{count} vote