AzureAD / azure-activedirectory-library-for-js

The code for ADAL.js and ADAL Angular has been moved to the MSAL.js repo. Please open any issues or PRs at the link below.
https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/adal-angular
Apache License 2.0
627 stars 372 forks source link

SSO silent authentication fails while the user is connected to his account on different application #891

Closed emadalsous closed 4 years ago

emadalsous commented 4 years ago

I'm submitting a


[ ] Regression (a behavior that used to work and stopped working in a new release)
[ ] Bug report  
[ ] Performance issue
[ ] Feature request
[ *] Documentation issue or request
[ *] Other... Please describe:

Browser:

Library Name

Library version

Library version: 1.0.17

Current behavior

I developed WEB API that will be accessed from CRM dynamics web resource. The Web API is hosted in Azure App Service and using Azure AD for authentication. The Azure AD uses the same tenant as CRM dynamics. The adal.js is not able to acquireToken or login if the user is not explicitly connected using the same account to the web page of the App Service. I am using silent authentication with Adal

Expected behavior

I would like to acquireToken or to login to acquireToken or login the user silently from the CRM dynamics web page "web resource". The web API is hosted in different domain "*.AzureWebsite.com" than CRM dynamics. Is there a way that i can configure Azure AD or the App Service or Adal.JS to really acquire the token silently as long as the user dynamics session is active ?

Minimal reproduction of the problem with instructions

sameerag commented 4 years ago

adal js does not support multiple accounts. A user is tied to a given idToken and hence this may not be possible. Can you try SSO with msal js and see if it works for you?

All current authentication work from microsoft is delivered through msal js library here. adal js is still supported only for security fixes. We would recommend to move to msal js for any advanced feature asks.

jmckennon commented 4 years ago

Closing this as we're assuming this is no longer an issue. We recommend that everyone switch to msal js here for advanced features and bugfixes.