how to access Web application which is hosted in Azure MSAL in android webview

Agrawal C, Akash 41 Reputation points

We are having two application one is deployed in web and secured using msal now we have made another mobile app and we want to access that web application in android mobile app. After successfully authenticating android mobile app i launch web application. It again ask for sign in.
I tried to pass the MSAL Access token in header to webview where website url is loading but nothing changed it again requested for sign in.
Is there a way i can pass MSAL android access token to Web application and access it without again sign in request?

App is in development

Smartphone (please complete the following information):

Android 11
No Stack trace.

To Reproduce
Login in mobile app. Open any web app which is msal secured in webview. Pass the access token. even after being part of sso that webapp is asking again sign in

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,394 questions
{count} votes

Accepted answer
  1. singhh-msft 2,431 Reputation points

    @Agrawal C, Akash , thank you for reaching out to us. Here is a detailed article How to: Enable cross-app SSO on Android using MSAL about this topic.

    Single sign-on (SSO) allows users to only enter their credentials once and have those credentials automatically work across applications. There are two ways for applications using MSAL for Android to achieve SSO:

    As you are using second option, in it, MSAL supports authorization using a WebView, or the system browser. The image below shows how it looks using the WebView, or the system browser with CustomTabs or without CustomTabs:


    If the application uses a WebView strategy without integrating Microsoft Authenticator or Company Portal support into their app, users won't have a single sign-on experience across the device or between native apps and web apps.

    If the application uses MSAL with a broker like Microsoft Authenticator or Intune Company Portal, then users can have a SSO experience across applications if the they have an active sign-in with one of the apps.

    Use this approach to provide a SSO experience through the device's browser. MSAL uses a shared cookie jar, which allows other native apps or web apps to achieve SSO on the device by using the persist session cookie set by MSAL.


    Please "Accept the answer" and upvote if the information helped you. This will help us and others in the community as well. Also, do share valuable feedback of your experience with us!

1 additional answer

Sort by: Most helpful
  1. Siva-kumar-selvaraj 15,546 Reputation points

    Hi @Agrawal C, Akash ,

    Just make sure that you are not using same access token for two different resource (in our case: Native app & web applications) which is not supported, try to decode Access_Token that you sent in header from and make sure aud claim contains ** Identifier or application ID of web application** .


    if you see different resource in aud claim then try to get new access token with appropriate aud . To lean more, refer

    Hope this helps.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.