We are looking to deploy windows hello for business using the Hybrid Azure AD joined Key Trust, with passthrough authentication. Users will use a PIN to log into their workstations.

Does anyone know what may not work with SSO? From Microsoft's documentation, Kerberos SSO will work, but I cannot find anything for NTLM, Negotiate, basic auth, etc. Will these applications/sites prompt users to enter their usernames and passwords?

I have looked across the internet and my search results have been fruitless.