Forum Discussion

Ketzpatel's avatar
Ketzpatel
Brass Contributor
Sep 07, 2023

Authentication request goes in infinite loop

We have several users in our org have been experiencing authentication issues, as specially on their iOS and Android device, when they enroll a new device or setup Outlook, Teams or any other MS apps on their mobile devices and try to authenticate to setup an account, they all get below error.

MSIS7042: The same client browser session has made '{0}' requests in the last '{1}' seconds. Contact your administrator for details.

We checked the ADFS and everything appears to be fine that end and ADFS successfully issues token to the request. it seems like MS identity platform or relaying party application is misbehaving and is not successfully consuming the token issued by AD FS, and the application is sending the passive client back to AD FS, repeatedly, for a new token. AD FS will issue the passive client a new token each time, as long as they do not exceed 5 requests within 20 seconds.

 

We also opened up a case with Microsoft but so far, no updates and as usual they have no clue.

 

Any help resolving this issue will be greatly appreciated.

    • Ketzpatel's avatar
      Ketzpatel
      Brass Contributor
      Thank you.
      We did not try this as this is not a fix. if we change the loop detection to 1 than users will get the same error but more quicker. This appears to be an issue from MS side as this used to work fine and since last few weeks, we have been having this issue and this only happens with MS apps. Looks like the MS apps are not behaving correctly and not able to validate the token cookies issued by ADFS and keep sending the request to ADFS which than stops by ADFS after 5 attempts which is default loop detection value in our ADFS.

Resources