AAD Silent Authentication

Hello,

I want to pick your brain about silent authentication with AAD.

Something basic but interesting to me, as we are hitting a wall.

I have a simple OAuth app that I want to get into from one Azure-AD joined Windows 10 device.

So when the app redirects my browser to Azure-AD, the app wants to do silent authentication.

Hence the app is sending prompt=none in the OAuth request.

Everything looks logical except that there is NO account in the cookie.

The only account that I am operating with is the PRT.

So I was under the impression that Azure-AD will use the incoming PRT with the OAuth request and get the id-token out for the app.

Unfortunately, AAD is not doing it that way.

AAD is erroring out, saying that passive form is NOT possible because there is NO ACCOUNT in the cookie.

My question is, how can the app instruct silent authentication in the request and instruct AAD to use the PRT?

Thanks.

0 Replies