-
Notifications
You must be signed in to change notification settings - Fork 374
Known issues on Edge
We had multiple reports of issues with authentication since the recent update of the Microsoft Edge browser version to 40.15063.0.0. We are tracking these and have informed the Edge team. While the Edge team works on a resolution, here is a description of the frequently occurring issues and the possible workarounds that can be implemented.
The cause for most of these issues is as follows. The session storage and local storage are partitioned by security zones in the Edge browser. In this particular version of Edge, when the application is redirected across zones, the session storage and local storage are cleared. ADAL.js saves certain state in the session storage and relies on checking this state during the authentication flows. When the session storage is cleared, this state is lost and hence results in broken experiences.
-
Infinite redirect loops and page reloads during authentication
When users login to the application on Edge, they are redirected back from the AAD login page and are stuck in an infinite redirect loop resulting in repeated page reloads. This is usually accompanied by aninvalid_stateerror in the session storage. -
Infinite acquire token loops and AADSTS50058 error When an application running on Edge tries to acquire a token for a resource, the application may get stuck in an infinite loop of the acquire token call along with the error below from AAD in your network trace.
Error :login_required; Error description:AADSTS50058: A silent sign-in request was sent but no user is signed in. The cookies used to represent the user's session were not sent in the request to Azure AD. This can happen if the user is using Internet Explorer or Edge, and the web app sending the silent sign-in request is in different IE security zone than the Azure AD endpoint (login.microsoftonline.com)
To get around these issues, please ensure that the application domain and login.microsoftonline.com are added as trusted sites in the security settings of the browser, so that they belong to the same security zone.