Forum Discussion
Entra ID credentials in Azure Virtual Desktop
Users are cloud only Entra ID users.
I have investigated this further.
The lack of a TPM chip in normal Azure SKUs (you can have a vTPM using Azure Confidential SKUs) blocks the usage of Windows Hello for Business.
Also, when logging into an AVD session host (either via Windows App or a browser), Microsoft handles the authentication of the user and then passes a token to the session host, allowing the user to be signed in to the session host. Microsoft does not gather the password and forward it to the session host.
The lack of Kerberos tickets in a setup without Active Directory prevents us from authenticating towards Microsoft Edge Passwords. If Microsoft Edge Passwords did its authentication against Entra ID, it would work. Even when profile sync, including password sync, is configured in the Microsoft Edge profile, Microsoft still asks for the password of the signed-in user session.
So the bottom line is that you would need to implement a third-party password manager solution like 1Password that supports Entra ID federated authentication.