Mar 24 2023 04:14 AM
While investigating the sign-in logs of a specific user I stumbled upon the following entries. The interactive sign-ins all failed because of conditional access policies.
The non-interactive on the other hand were all successful. How does that make sense, or what does that mean?
Mar 24 2023 04:24 AM
Mar 24 2023 04:35 AM
Mar 24 2023 04:43 AM
Non-interactive user sign-ins are sign-ins that are performed by a client app or an OS component on behalf of a user. These sign-ins don't require any interaction or authentication factor from the user. For example, authentication and authorization using refresh and access tokens that don't require a user to enter credentials.
Below are some of the examples when non-interactive sign-in gets triggered,
• A client app uses an OAuth 2.0 refresh token to get an access token.
• A client uses an OAuth 2.0 authorization code to get an access token and refresh token.
• A user performs single sign-on (SSO) to a web or Windows app on an Azure AD joined PC.
• A user signs in to a second Microsoft Office app while they have a session on a mobile device using FOCI (Family of Client IDs).
Mar 24 2023 04:54 AM
Mar 24 2023 05:00 AM
Mar 24 2023 05:11 AM
Mar 24 2023 05:24 AM
Correct, and that what's happening with that user. i hope that helped you and keep me posted for any further assistance.
Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily.
Mar 24 2023 06:20 AM
Correct, and that what's happening with that user. i hope that helped you and keep me posted for any further assistance.
Unfortunately not, but thank you very much. My question is still unanswered, that I can't make sense of the "conflicting" statuses in interactive and non-interactive sign-ins.