cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AADSTS75011 Error on Edge (Azure AD Joined machines)

mickyc1982
New Contributor

‎Jul 22 2021 05:12 AM - last edited on ‎Jan 14 2022 04:01 PM by

‎Jul 22 2021 05:12 AM - last edited on ‎Jan 14 2022 04:01 PM by

AADSTS75011 Error on Edge (Azure AD Joined machines)

I have just setup SSO for a new enterprise application.

On AzureAD joined machines, it works in Chrome and Edge InPrivate mode. In normal edge, we get the following error:

 

AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport'.

 

I have read about adding the following to SAML request but this is not possible with the vendor currently:

'authnContextClassRef' : false

 

This only affects AzureAD joined machines on Edge. When I test from a Hybrid joined machine there is no such issue.

 

Is there any way to resolve this from the Azure side?

1,039 Views
1 Like
2 Replies
Reply
2 Replies
Born_Slippy

‎Jun 17 2022 05:30 PM

‎Jun 17 2022 05:30 PM

Re: AADSTS75011 Error on Edge (Azure AD Joined machines)

@mickyc1982 

We just ran into this exact same issue today with an application sending the optional/unnecessary RequestedAuthnContext info in the SAML request.  But, also narrowed down to only Edge/AAD joined affected.  Also, seems to correlate to Primary Refresh Token (PRT) with MFA/Windows Hello being used.

 

Did you manage to find any solution that wasn't reliant on the software vendor?

0 Likes
Reply
mickyc1982

‎Jun 19 2022 08:05 AM

‎Jun 19 2022 08:05 AM

Re: AADSTS75011 Error on Edge (Azure AD Joined machines)

@Born_Slippy in the settings for the 3rd party application I had to disable AuthnContext altogether. Once this was unchecked this resolved the issue for us

0 Likes
Reply