Closed hiteshtare closed 4 years ago
@hiteshtare Is Safari Intelligent Tracking Protection enabled? If so, it is a known issue that this will break login with our libraries. This will be addressed in msal
by switching from the Implicit Flow to the Auth Code Flow, but will not be addressed in ADAL.
@jasonnutter we also have this problem.
did you know how to solve it ?
@gavrielsl Are third-party cookies disabled? If so, the workaround is to enable third-party cookies (and disable ITP). Otherwise, you will need upgrade the next version of MSAL (currently in development, not ready for production yet) which will mitigate Safari (in most scenarios) by switching to the Auth Code Flow w/ PKCE.
I'm submitting a...
[ ] Bug report
Browser:
Library Name
Library version
Library version: 1.0.17
Current behavior
Throws the following error in console: [Error] AADSTS50058: A silent sign-in request was sent but no user is signed in. The cookies used to represent the user's session were not sent in the request to Azure AD. This can happen if the user is using Internet Explorer or Edge, and the web app sending the silent sign-in request is in different IE security zone than the Azure AD endpoint (login.microsoftonline.com). Trace ID: f7d44d7c-aa81-4071-9d37-e659a1c54900 Correlation ID: 0a29cef7-2645-480c-a468-d6c4a7aa4a15 Timestamp: 2020-01-10 09:34:42Z (anonymous function) (polyfills.20ab2d163684112c2aba.js:1:3046)
Expected behavior
Silent sign-in request should be completed successfully.
Minimal reproduction of the problem with instructions
1.Create Angular 7 app using angular cli. 2.Install adal-angular npm module. 3.Create Adal authentication login page. 4.Test this application on on Safari Browser (13.0.4) on MacOS (Catalina 10.15.2). 5.Authentication fails stating error AADSTS50058 has occured