AzureAD/azure-activedirectory-library-for-android

ADAL 1.16.+ domain hint with MS Authenticator not working

Closed this issue · 2 comments

When I log in to my application with MS Authenticator, the value of the extraQueryParameters parameter is ignored.

This is my code:

  • mAuthContext.acquireToken(activity, resource, clientId, mAuthContext.getRedirectUriForBroker(), PromptBehavior.Auto, "domain_hint=example.com", getAuthInteractiveCallback());

Hi @ChristianGiuseppe: Thank you for reporting. A few questions below:

  • Did this ever work with any version of the Authenticator app?
  • Can you post the version of the Authenticator app you're using?
  • When you say ignored, how are you determining that it is ignored? If you're looking at network traces, can you let us know if it's ignored while sending to the Authorize endpoint (oauth2/authorize), the Token endpoint (oauth2/token), or both?

By design, in the Authenticator app (Broker), we allow all the extra query params passed by the client to the Authorize endpoint, but we only allow specific query params to the Token endpoint; domain_hint isn't one of them.

Hi @kreedula,
I tried with the latest version of the Authenticator (version 6.2001.0140).
I realized that it is ignored because when the MS Authenticator application is not installed, the parameter is read correctly because the webview that shows the domain is not displayed.
Could you tell me what the specific parameters are that can be sent to the token endpoint?