Azure-Samples / active-directory-dotnet-windows-store

A Windows Store 8.1 or Windows 10 (UWP) application that uses Azure AD and the ADAL library to authenticate the user and call a web API using OAuth 2.0 access tokens.

Cannot sign in with a different user even on Remove Account if Keep me Signed In was checked during login #8

Closed anujc closed 8 years ago

anujc commented 10 years ago

If a user clicked Keep Me Signed In on Login, he is not signed out even on Remove Account. Therefore, another user can never sign in to this app. The NativeClient-DotNet app clears cookies from the browser control before sign in. Something should be done for this app (NativeClient-WindowsStore) to sign out the user who has clicked Keep Me Signed In.

skwan commented 10 years ago

Fixing this will require an updated version of ADAL for Windows Store, which is in the works.

Geertvdc commented 10 years ago

Hi Skwan. Is there any way to log out after pressing this checkbox by accident? I'm using the ADAL library but several of my users clicked this button by accident. In older versions of the ADAL library the credentials were stored in the credential manager but they aren't any more.

Now the only way to fix it for my users is to "refresh windows", which isn't what they like.

vibronet commented 10 years ago

The challenge there is that the "keep me signed in" checkbox creates a persistent cookie in the WebAuthenticationBroker (WAB), and the WAB's cookie jar is inaccessible from the application. You can clean up the cookie by triggering a sign out while using the exact same WAB instance. Try code to the effect of the following:

```csharp
string requestUrl = "https://login.windows.net/common/oauth2/logout?post_logout_redirect_uri="
    + Uri.EscapeDataString(WebAuthenticationBroker.GetCurrentApplicationCallbackUri().ToString());
await WebAuthenticationBroker.AuthenticateAsync(WebAuthenticationOptions.SilentMode, new Uri(requestUrl));
```

HTH V.
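An added example, not part of the original thread or the sample's own code: the silent sign-out from the comment above wrapped in a helper that checks the broker's result and also clears ADAL's token cache, so a cached token cannot keep the previous user signed in on a shared device. The `SignOutHelper` class and `SignOutAsync` method are hypothetical names, and the example assumes the app holds the ADAL `AuthenticationContext` it signed in with.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Windows.Security.Authentication.Web;

// Hypothetical helper; the names are illustrative, not from the sample.
public static class SignOutHelper
{
    // Logout endpoint quoted in the comment above.
    private const string LogoutEndpoint =
        "https://login.windows.net/common/oauth2/logout";

    // Returns true when the broker reports that the logout request completed.
    // The token cache is cleared even if the broker call fails or throws.
    public static async Task<bool> SignOutAsync(AuthenticationContext authContext)
    {
        Uri callback = WebAuthenticationBroker.GetCurrentApplicationCallbackUri();
        var requestUri = new Uri(
            LogoutEndpoint + "?post_logout_redirect_uri="
            + Uri.EscapeDataString(callback.ToString()));

        try
        {
            // Silent mode: no UI is rendered, the request only lets the
            // service expire the persistent "keep me signed in" cookie
            // held in the broker's cookie jar.
            WebAuthenticationResult result =
                await WebAuthenticationBroker.AuthenticateAsync(
                    WebAuthenticationOptions.SilentMode, requestUri);

            return result.ResponseStatus == WebAuthenticationStatus.Success;
        }
        finally
        {
            // The cookie is only half of the signed-in state: drop the
            // access and refresh tokens ADAL has cached for this app too.
            authContext.TokenCache.Clear();
        }
    }
}
```

A `false` return means the persistent cookie may still be present, so the app should not tell the user that the account has been removed.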

skwan commented 10 years ago

By the way, there is a bug in Azure AD right now where if you set PromptBehavior.Always on your AcquireToken call, Azure AD doesn't always prompt. We will fix this bug relatively shortly. If there are cases where you want to definitely make sure the user gets prompted and the Keep Me Signed In state is ignored, you can use PromptBehavior.Always.