Forum Discussion
AIP Client Authentication Prompt
Hey guys,
We just installed Azure Information Protection Client in our environment. We are using onPremise AD with PTA and seamless SSO. Everything is working great except the onetime Authentication prompt to AIP, when starting an Office app. We just have to supply the username and the rest is working automatically.
I have read through the documentation but could not find a hint.
All other services such as portal.office.com are working without any prompts, so seamless SSO is clearly not the problem.
Thank you very much for your help!
8 Replies
rgobat Few tips on this:
- Is the Information Protection app triggered in any Conditional Access rule? Take a look a that.
- try adding *.Protection.Outlook.com to your list of trusted sites (or intranet zone)
Thank you for you reply.
- No AIP ist not part of any Conditional Access Policies
- Unfortunately adding *.protection.outlook.com does not help
Seamless SSO it client-dependent, not every application support it. Some apps deliberately provide you with a prompt, to address scenarios where you might be using more than one id/tenant.
That said I'm not sure whether this is "expected" with the AIP client, might be a good uservoice suggestion if not 🙂
Are the AIP IP addresses being allowed through your firewall?
The Azure Information Protection service also depends on two specific IP addresses:
- 13.107.6.181
- 13.107.9.181
As per - https://docs.microsoft.com/en-us/azure/information-protection/requirements
Thanks for the tip. Yeah these IP adresses are allowed.
Thanks, any idea where to check if it is an "exptected" behavior :)?
Just to clarify, does this happen every time you open an Office client app such as Word or Excel? If so, then I don't believe this is expected behaviour.
