login.windows.net still needs to be added to trusted sites in Internet Explorer

During some troubleshooting it was discovered that for some reason “https://login.windows.net” needs to added to “IE trusted site” else you wouldn’t get a PRT (Primary Refresh Token) issued in some scenarios. Microsoft have been working on merging the¬†Azure AD Authentication Flows since March 2015, but this still doesn’t seem to be merged end-to-end yet.

Source: Simplifying our Azure AD Authentication Flows



Leave a Reply

Your email address will not be published. Required fields are marked *