SSO silent authentication fails while the user is connected to his account on different application

[emadalsous]

I'm submitting a

[ ] Regression (a behavior that used to work and stopped working in a new release)
[ ] Bug report  
[ ] Performance issue
[ ] Feature request
[ *] Documentation issue or request
[ *] Other... Please describe:

Browser:

• [ ] Chrome version XX
• [ ] Firefox version XX
• [ ] IE version XX
• [ ] Edge version XX
• [ ] Safari version XX

Library Name

• [ *] adal.js XX
• [ ] adal-angular XX

Library version

Library version: 1.0.17

Current behavior

I developed WEB API that will be accessed from CRM dynamics web resource. The Web API is hosted in Azure App Service and using Azure AD for authentication. The Azure AD uses the same tenant as CRM dynamics. The adal.js is not able to acquireToken or login if the user is not explicitly connected using the same account to the web page of the App Service. I am using silent authentication with Adal

Expected behavior

I would like to acquireToken or to login to acquireToken or login the user silently from the CRM dynamics web page "web resource". The web API is hosted in different domain "*.AzureWebsite.com" than CRM dynamics. Is there a way that i can configure Azure AD or the App Service or Adal.JS to really acquire the token silently as long as the user dynamics session is active ?

Minimal reproduction of the problem with instructions

[sameerag]

adal js does not support multiple accounts. A user is tied to a given idToken and hence this may not be possible. Can you try SSO with msal js and see if it works for you?

All current authentication work from microsoft is delivered through msal js library here. adal js is still supported only for security fixes. We would recommend to move to msal js for any advanced feature asks.

[jmckennon]

Closing this as we're assuming this is no longer an issue. We recommend that everyone switch to msal js here for advanced features and bugfixes.