Forum Discussion
Teams desktop client macOS authentication prompt
jjgage Okay, I think I may have figured out what's going on in our tenant. I logged into Teams in the browser with the Developer console open and I'm seeing errors like this one:
AUTHADAL: Attempting to handle auth response: error:AADSTS500014: The service principal for resource 'https://*.microsoftstream.com' is disabled. This indicate that a subscription within the tenant has lapsed, or that the administrator for this tenant has disabled the application, preventing tokens from being issued for it., resource:https://*.microsoftstream.com, error mapped to action:resourceDisabled
We have Microsoft Support working on our Stream tenant and as part of that process, we were required to disable the application from the Enterprise Applications blade of the Azure AD admin center. I suspect this may be the cause of the repeated authentication prompts. Strange that it's only affecting Teams on Mac. 🤷
If users have already signed in to other Office apps through their Office 365 Enterprise account, when they start Teams they're taken straight to the app. There's no need for them to enter their credentials.
If users are not signed in to their Office 365 Enterprise account anywhere else, when they start Teams, they're asked to provide either single-factor or multi-factor authentication (SFA or MFA), depending on what your organization has decided they'd like the process to entail.
If users are signed in to a domain-joined computer, when they start Teams, they might be asked to go through one more authentication step, depending on whether your organization opted to require MFA or if their computer already requires MFA to sign in. If their computer already requires MFA to sign in, when they open up Teams, the app automatically starts.
If users are signed in to a domain-joined computer and you don't want their user name pre-populated on the Teams sign-in screen, admins can set the following Windows registry to turn off pre-population of the user name (UPN):
Computer\HKEY_CURRENT_USER\Software\Microsoft\Office\Teams
SkipUpnPrefill(REG_DWORD)
0x00000001 (1)
When users start Teams, their computer won't be able to pull their credentials from their Office 365 Enterprise account or any of their other Office applications. Instead, they'll see a prompt asking them for SFA or MFA (depending on your organization's settings). Once users enter their credentials, they won't be required to provide them again. From that point on, Teams automatically starts whenever they're working on the same computer.
Smith_J wasn't anything do to with the login itself, that worked fine with and without MFA - it was some kind of loop. Did you see the video I posted? It flashes up for less than 1sec then disappears, then does same whenever you use the search to start typing someones name. It's very strange and I have never seen it before. Only affected macOS too........maybe Catalina bug?
