Home

Microsoft Edge Dev - Azure Active Directory Seamless Single Sign-On

%3CLINGO-SUB%20id%3D%22lingo-sub-695598%22%20slang%3D%22en-US%22%3EMicrosoft%20Edge%20Dev%20-%20Azure%20Active%20Directory%20Seamless%20Single%20Sign-On%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-695598%22%20slang%3D%22en-US%22%3E%3CP%3EMicrosoft%20Edge%20Dev%20build%26nbsp%3B%3CSPAN%3EVersion%2076.0.182.6.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EWe%20have%20implemented%20Azure%20Active%20Directory%20Seamless%20Single%20Sign-on%20(%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fhybrid%2Fhow-to-connect-sso%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fhybrid%2Fhow-to-connect-sso%3C%2FA%3E)%20and%20confirmed%20that%20it%20works%20both%20in%20Google%20Chrome%20(build%2075.0.3770.90)%20and%20Internet%20Explorer%20v11%20on%20Windows%2010%20v1903%20build%2018362.175.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EOn%20Chrome%20and%20IE%20when%20accessing%20an%20Office%20365%20URL%2C%20after%20entering%20the%20username%20a%20redirect%20occurs%20that%20shows%20that%20the%20account%20is%20trying%20to%20sign-in%20without%20the%20need%20for%20the%20password%20to%20be%20entered%20before%20being%20prompted%20to%20confirm%20sign-in%20using%20MFA.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EOn%20Microsoft%20Edge%20Dev%20this%20does%20not%20occur%20and%20the%20normal%20login%20procedure%20is%20followed%20of%20username%20%3D%26gt%3B%20password%20%3D%26gt%3B%20MFA.%20Is%20there%20a%20setting%20in%20the%20browser%20that%20needs%20to%20be%20enabled%20in%20the%20current%20build%20for%20the%20SSO%20to%20work%20or%20will%20it%20be%20a%20feature%20added%20to%20a%20later%20build%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThanks.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-695598%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ESSO%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-718822%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Edge%20Dev%20-%20Azure%20Active%20Directory%20Seamless%20Single%20Sign-On%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-718822%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F361331%22%20target%3D%22_blank%22%3E%40SWicks_Christie%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20having%20the%20same%20issue%20after%20switching%20to%20Azure%20Seamless%20SSO%20over%20the%20weekend.%26nbsp%3B%20Any%20word%20on%20when%20this%20will%20be%20resolved%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-737874%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Edge%20Dev%20-%20Azure%20Active%20Directory%20Seamless%20Single%20Sign-On%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-737874%22%20slang%3D%22en-US%22%3E%3CP%3EI%20too%2C%20am%20going%20to%20complain%20bitterly%20about%20this!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20been%20waiting%20for%20so%20long%20for%20Edge%20to%20support%20AAD%20seamless%20SSO.%26nbsp%3B%20Finally%20with%20the%20Edge%20based%20on%20chromium%20pivot%2C%20versions%20of%20dev%20Edge%20for%20this%20actually%20allowed%20the%20AAD%20seamless%20SSO%20to%20work%20for%20the%20last%26nbsp%3Bfew%20weeks.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EToday%20I%20find%20with%26nbsp%3Bversion%26nbsp%3B77.0.197.1%20(Official%20build)%20dev%20(64-bit)%20that%20it%20no%20longer%20works!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20know%20that%20MS%20have%20announced%20that%20AAD%20sign%20on%20is%20coming%20soon.%26nbsp%3B%20I%20am%20very%20concerned%20now%20that%20the%20AAD%20seamless%20SSO%20has%20been%20intentionally%20removed%20because%20of%20the%20coming%20AAD%20sign%20on%2C%20into%20the%20browser%20instead%20and%20that%20MS%20are%20going%20to%20turn%20around%20and%20state%20that%20if%20you%20want%20SEAMLESS%20SSO%2C%20then%20you%20still%20need%20to%20hybrid%20AAD%20join%20your%20machine!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20used%20AAD%20seamless%20SSO%20since%20it%20became%20available.%26nbsp%3B%20If%20this%20feature%20has%20been%20intentionally%20removed%26nbsp%3Bthen%20this%20is%20the%20final%20straw%20and%20we%20will%20move%20to%20Google%20Chrome%20instead.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-758326%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Edge%20Dev%20-%20Azure%20Active%20Directory%20Seamless%20Single%20Sign-On%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-758326%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Microsoft.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ELink%20to%20a%20ZDNet%20article%20from%20today%3A%26nbsp%3B%20%3CA%20href%3D%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fheres-microsofts-updated-roadmap-for-chromium-based-edge-features-for-the-enterprise%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.zdnet.com%2Farticle%2Fheres-microsofts-updated-roadmap-for-chromium-based-edge-features-for-the-enterprise%2F%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Equote%20from%20article%3A%3C%2FP%3E%3CP%3EOn%20the%20list%20of%20features%20available%20to%20evaluate%20today%20in%20both%20the%20Canary%20(daily)%20and%20Dev%20(weekly)%20channels%20are%20%3CA%20href%3D%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmicrosofts-chromium-based-edge-browser-will-get-these-new-features%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3EIE%20Mode%3C%2FA%3E%3B%20offline%20installers%20for%20the%20Win%2010%2C%208%2F8.1%2F7%2C%20Server%20and%20MacOS%20variants%3B%20the%20ability%20to%20sign%20in%20with%20Azure%20Active%20Directory%20accounts%20and%20get%20single%20sign-on%20and%20support%20for%20multiple%20profiles%3B%20integrated%20PDF%20support%3B%20more%20than%20180%20group%20policies%3B%20COnditional%20Access%20and%20Application%20Guard%20protection%20on%20Windows%2010%3B%20availability%20in%2010%20languages%3B%20and%20webview%20integrated%20with%20the%20Microsoft%20dev%20stack%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat's%20happening%20with%20AAD%20seamless%20sign%20on%3F%26nbsp%3B%20Is%20it%20broken%20and%20it%20will%20%22come%20back%22%3F%26nbsp%3B%20Or%20has%20it%20been%20removed%3F%26nbsp%3B%20Are%20you%20going%20to%20force%20everyone%20to%20hybrid%20AAD%20join%20their%20machines%20like%20you%20have%20done%20with%20current%20version%20of%20%22old%22%20Edge%20so%20that%20SSO%20%22works%22%3F%26nbsp%3B%20How%20can%20I%20seamlessly%20sign%20into%20AAD%20even%20for%20the%20new%20Edge%20browser%20if%20AAD%20seamless%20SSO%20is%20not%20there%20to%20start%20with%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
SWicks_Christie
Regular Visitor

Microsoft Edge Dev build Version 76.0.182.6.

 

We have implemented Azure Active Directory Seamless Single Sign-on (https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso) and confirmed that it works both in Google Chrome (build 75.0.3770.90) and Internet Explorer v11 on Windows 10 v1903 build 18362.175.

 

On Chrome and IE when accessing an Office 365 URL, after entering the username a redirect occurs that shows that the account is trying to sign-in without the need for the password to be entered before being prompted to confirm sign-in using MFA.

 

On Microsoft Edge Dev this does not occur and the normal login procedure is followed of username => password => MFA. Is there a setting in the browser that needs to be enabled in the current build for the SSO to work or will it be a feature added to a later build?

 

Thanks.

 

 

 

 

3 Replies

@SWicks_Christie 

We are having the same issue after switching to Azure Seamless SSO over the weekend.  Any word on when this will be resolved?

I too, am going to complain bitterly about this!

 

We have been waiting for so long for Edge to support AAD seamless SSO.  Finally with the Edge based on chromium pivot, versions of dev Edge for this actually allowed the AAD seamless SSO to work for the last few weeks.

 

Today I find with version 77.0.197.1 (Official build) dev (64-bit) that it no longer works!

 

I know that MS have announced that AAD sign on is coming soon.  I am very concerned now that the AAD seamless SSO has been intentionally removed because of the coming AAD sign on, into the browser instead and that MS are going to turn around and state that if you want SEAMLESS SSO, then you still need to hybrid AAD join your machine!

 

We have used AAD seamless SSO since it became available.  If this feature has been intentionally removed then this is the final straw and we will move to Google Chrome instead.

 

Hi Microsoft.

 

Link to a ZDNet article from today:  https://www.zdnet.com/article/heres-microsofts-updated-roadmap-for-chromium-based-edge-features-for-...

 

quote from article:

On the list of features available to evaluate today in both the Canary (daily) and Dev (weekly) channels are IE Mode; offline installers for the Win 10, 8/8.1/7, Server and MacOS variants; the ability to sign in with Azure Active Directory accounts and get single sign-on and support for multiple profiles; integrated PDF support; more than 180 group policies; COnditional Access and Application Guard protection on Windows 10; availability in 10 languages; and webview integrated with the Microsoft dev stack

 

What's happening with AAD seamless sign on?  Is it broken and it will "come back"?  Or has it been removed?  Are you going to force everyone to hybrid AAD join their machines like you have done with current version of "old" Edge so that SSO "works"?  How can I seamlessly sign into AAD even for the new Edge browser if AAD seamless SSO is not there to start with?