Comment by mastax
7 hours ago
Out of all the SSO login flows Microsoft has to have the buggiest. It’s the only one I can remember routinely having issues with. Why are there so many redirects? And why doesn’t the “remember me” checkbox ever work?
7 hours ago
Out of all the SSO login flows Microsoft has to have the buggiest. It’s the only one I can remember routinely having issues with. Why are there so many redirects? And why doesn’t the “remember me” checkbox ever work?
It is also the only SSO flow I have ever seen that fundamentally cannot work if you have more than one account remembered on your device. So far the only way I’ve found to get it to let you log out of account A and then log into account B is to clear all cookies otherwise it gives you permission denied errors. Have no idea how it can be this horrible
Yeah I have had this experience too. Woe betide ye if your company gets bought by another company with pre-existing Azure AD.
Would container tabs solve that? They're pitched as helping separate work and personal logins.
I just run completely separate browser profiles to separate work and personal stuff. And I still sometimes need private mode or a throwaway profile to get some random thing to work.
And then sometimes the "switch user" prompt doesn't work but it automatically logs you in with the wrong account to a system that account doesn't have access to, then drops you in a non-interactive "you're not authorized" screen. You have to find a working page, log out, then go back and try logging in...
I haven't seen it in a while (perhaps mostly because I'm in Google stuff way less than I used to be) but for years multiple Google sites would get in a state where its auth would route me through about twenty redirects in a loop and never actually finish authenticating me. Clearing cookies and re-logging-in from scratch was the only fix.
Youtube was always involved, somehow, for some reason, even when what I was doing wasn't connected to Youtube at all or the account I was using had never even been intentionally used with Youtube. It'd route me through a few Youtube domain names.
(Microsoft's is indeed even worse, on some of theirs [Azure Devops, looking at you] I can't use them in pinned tabs because somehow they manage to get into a totally broken state where the page won't load due to whatever's happening with their auth flow in the background, and no method of reloading the tab fixes it, and it does this every couple days—but copy-pasting the same URL to a new tab does work)
I've always assumed the billions of redirects are setting cookies so all the various systems "work" but I have given up trying to understand it.
It is still like this? I remember it being terrible trying to log into xbox.com 15 years ago.
Why, 20% when logging in, do I actually get logged out? I'm sorry if I was already logged in, why the hell are you asking me to log in again?
Having Microsoft on your resume is a huge red flag.