New sign-in experience for Office 365, what's it about?

Brass Contributor

Today users in our tenant began getting prompted to try a new sign-in experience for Office 365. It looks a little different, but I'm unable to find documentation about what exactly has changed, and why?


I just want to be able to answer the inevitible questions that come up. Some of our users have already checked to see if they were getting phished. 


111 Replies

My view of the developing issue...  Posted to highlight the need for better communication within MIcrosoft and between Microsoft and its customers.


The Azure AD team changed the sign-in experience used by services like Office 365 to improve and rationalize it. But things didn’t work out so well as tenants reacted badly to the way Microsoft communicated the change. Or rather, failed to communicate the change.

Hey Robert - we rolled out a fix to the Office 2010 issue and users should now be unblocked. 


Also, AFAIK, there are no plans to change how Office 2010 does auth. The UI might change, but not protocol.

Hey everyone, we rolled out a fix for the Office 2010 issue and users should be unblocked now. Thanks to Scott and Cary for the invaluable help with debugging this issue and thanks everyone for your patience.


As mentioned in an earlier reply, the new experience is solely a UI change and there's no change to protocol. Discussions about modern auth being forced in Office 2010 are inaccurate.


We're tracking one more issue: Prompts showing up asking users to pick an account which is affecting SSO and PTA for some users. This is caused by an unrelated change Office 365 pushed out at around the same time as our release. I'm tracking the fix with that team and will provide an update when I know more.



where can we find the fix?


Any information about the fix. 

I still see the 'operation cancelled due to restrictions' in our WIndows7/ Office 2010 environment. Anyone else still have issues?

Specificaly mine is when opting for the new experience again at the point of opening a document from onedrive in local word and redirect from the my-sharepoint pages as soon as I select the account I want to use the autologin box kicks in then I get the warning.

This is a server-side fix, so there's nothing you need to do to get the fix.


In our Tenant we still having the issue trying to edit office documents with office 2010.

any advise?


We are still seeing the same issues. Maybe we have a differnet issue. Can anyone here confirm the same symptoms?

It allows us to download the file or edit in browser, but the edit in Word option gives us an additional log in session/ credentials check, if I opt to use the new I get the error if I go back to the old I can get in fine.

If the fix is deployed it's a little worrying.

We are heavily pushing use of Onedrive over USB drives and this will cause some issues and lack of confidence if staff and students find files unable to edit in the full packages.

Hi Mario & Simon, sorry that you guys are still having issues. I'll reach out to you via PM to get more info to help debug this.

@Kelvin Xia the MSDN subscription page (well the new one, does NOT work correctly with the new sign-in experince. It ends up in a login loop.

Really pleased to see advanced notice being given for further changes to the new sign in experience.  Like today's news about the new “Keep me signed in” experience and also the changes to the multi-factor authentication screens in the Message center post.  This gives us the advance notice many of us are looking for and time to get ready for these changes. It's much appreciated!

Ya, so we have this slick Azure AD app installed on our on-premise Sharepoint hooked up to ADFS that presents users Office 365 mail and calendar in our SP portal site. Seemless SSO using angular and adal. All they do is sign in to our ADFS login and wait for a couple of page refreshes and it all loads in. Now our users get interrupted with this? 



You can disable that in the Azure AD admin center if you go to the edit company branding screen and toggle "show option to remain signed in" to "no".



We're looking at pushing out a change to hide the prompt during SSO scenarios sometime early this week. I'll update this thread when it's out. Thanks for your patience.
We've released a change to not show the prompt in SSO scenarios. Please let me know if you continue to see the prompt in those cases.

Now I'm not seeing the prompt at all, for cloud-only IDs as well. It's not disabled in the branding, and I've tried it on another tenant just to be sure.

OK, now it's showing again... sometimes :) I guess code is still propagating through the service...