Forum Discussion
Community ManagerThe new Azure AD sign-in and “Keep me signed in” experiences rolling out now!
EricStarker Do you have any information on the ADFS web theme to allow on-premises ADFS look and feel to match the new sign in experience? We saw some information during the original preview announcement that this would be coming but are unable to find any info. We have our TAM also checking for information but thought I'd check here as well.
MicrosoftKelvin Xia two minor issues still remain:
1) When using federated account, I have to press the Next button in order to be taken to the AD FS login page. In the previous experience this was automatic, simply pressing Tab for example did the trick.
2) Why am I being prompted for the KMSI experience when using Private sessions? Maybe you should implement a check for this?
We are also experiencing this issue where the KMSI dialog is being displayed for all of our internal ADFS sign ins when previously it was automatic. For now, we have disabled the feature.
If there is a fix for this, please let me know. Thank you.
- Kelvin XiaHey Vasil,
Thanks for the feedback.
For #1: This is by design in the new experience. We had a lot of strong feedback about the old design where we initiated the redirect when focus was lost on the username field. Most users thought that it was unexpected and jarring and did not give them the opportunity to go back and correct typos. We decided to wait to redirect only after the user clicks the Next button. This experience is consistent with almost all other identity systems.
#2: Can you help me understand your scenario where you don't want KMSI to show up in private sessions and why?Three remarks on the new experience:
1. Spelling mistake (in Dutch translation, a period in the middle of a sentence)
2. The checkbox in the KMSI dialog is confusing (don't show this again). Does it make me stay logged in even longer when I select Yes and thick the checbox?
3. When I choose "Yes" in my regular browser session, open a private session, enter a different account in the private session. I get logged in with the account of the regular session anyway, no matter the account I filled in. Is this by design?
Thanks!
Bart
We use SAML SSO with several vendors using ADFS as our iDp. Our ADFS server is under a different domain so we have a Claims Provider Trust setup with our AAD. We have an issue with the new sign-in experience. When a user initially signs in they get presented with the "Stay signed in?" prompt. If they say Yes a persistent cookie is set and things work like they should. However, if they were to go back to the iDp initiated signon page and log out for whatever reason, when they go to sign-in again they won't get the "Stay signed in?" prompt so it just sets a session cookie that is terminated if they close their browser. If they choose to go back to the old sign-in experience the "Keep me signed in" checkbox will be there so they once again can set a persistent cookie. Is this a known issue? Is there a fix for this?
- Kelvin XiaHi Andy, yes, this is a known issue where if the user first says "Yes" to the prompt, then explicitly signs out, they would not see the prompt again on subsequent sign ins for 3 days.
This is something we're looking into fixing.We are experiencing this issue as well. Has there been any resolution identified?
