Home

SSO issue with Slack on Azure AD joined machine

%3CLINGO-SUB%20id%3D%22lingo-sub-857770%22%20slang%3D%22en-US%22%3ESSO%20issue%20with%20Slack%20on%20Azure%20AD%20joined%20machine%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-857770%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOur%20company%20uses%20Azure%20AD%2C%20and%20has%20integrated%20SSO%20with%20Slack%20enabled.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20using%20Edge%20Beta%20version%20(tried%20with%20Dev%20as%20well)%20and%20login%20to%20Slack%20fails%20on%20my%20AAD%20joined%20machine%20with%20my%20AAD%20work%20account%20sync%20enabled%20profile.%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F131989i0B67148375ED6184%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3ERequest%20Id%3A%200fdc5271-c48a-40d0-93aa-770bcfd09600%0ACorrelation%20Id%3A%2017a3aa02-838b-446f-a54c-f146921455ae%0ATimestamp%3A%202019-09-16T19%3A54%3A54Z%0AMessage%3A%20AADSTS75011%3A%20Authentication%20method%20'X509%2C%20MultiFactor'%20by%20which%20the%20user%20authenticated%20with%20the%20service%20doesn't%20match%20requested%20authentication%20method%20'Password%2C%20ProtectedTransport'.%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20error%20doesn't%20happen%20on%20-%3C%2FP%3E%3CUL%3E%3CLI%3EIf%20the%20machine%20is%20not%20joined%20to%20AAD%3C%2FLI%3E%3CLI%3EIf%20the%20edge%20user%20profile%20is%20not%20set%20to%20work%20account%20sync%3C%2FLI%3E%3CLI%3EOther%20SSO%20enabled%20site%20like%20Atlassian%2C%20Workday%2C%20etc.%3C%2FLI%3E%3C%2FUL%3E%3CP%3EMy%20guess%20is%20that%20integrated%20SSO%20is%20not%20negotiating%20the%20allowed%20authentication%20methods%20correctly.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Deleted
Not applicable

Hi,

 

Our company uses Azure AD, and has integrated SSO with Slack enabled.

 

I am using Edge Beta version (tried with Dev as well) and login to Slack fails on my AAD joined machine with my AAD work account sync enabled profile. 

clipboard_image_0.png

 

Request Id: 0fdc5271-c48a-40d0-93aa-770bcfd09600
Correlation Id: 17a3aa02-838b-446f-a54c-f146921455ae
Timestamp: 2019-09-16T19:54:54Z
Message: AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport'.

 

This error doesn't happen on -

  • If the machine is not joined to AAD
  • If the edge user profile is not set to work account sync
  • Other SSO enabled site like Atlassian, Workday, etc.

My guess is that integrated SSO is not negotiating the allowed authentication methods correctly.

Related Conversations
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
cntvertex in Discussions on
13 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
22 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
28 Replies