Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.


My feedback

  1. 39 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Azure Active Directory » Authentication  ·  Flag idea as inappropriate…  ·  Admin →

    Reposting so that folks get a notification – from Paul:

    Depending on the exact scenario you can do this today. For applications that do interactive browser based sign in to get a SAML assertion, but then want to add access to an OAuth protected API such as Graph, you can simply make an OAuth request to get an Access token for the API. When the browser is redirected to Azure AD to authenticate the user, the browser will pick up the session from the SAML sign in and the user won’t have to enter their credentials.

    We are also supporting the OAuth SAML Bearer Asssertion flow for users authenticating with IDPs such as ADFS federated to AAD so that the SAML assertion obtained from ADFS can be used in an OAuth flow to authenticate the user. I’ll post here again when documentation for that is ready.

    Umesh supported this idea  · 
    An error occurred while saving the comment
    Umesh commented  · 

    https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-saml-bearer-assertion - This would help probably. I have shared a blog earlier which now published in azure docs. Please have a look

    An error occurred while saving the comment
    Umesh commented  · 

    https://o365treasurehunt.blogspot.com/ - i have done that recently and documented that. hope that helps!

Feedback and Knowledge Base