SAML SSO php7 app vs Microsoft app eg Teams

[Neville]

So I have registered my in-house developed app on Azure and configured SAML SSO. I have also implemented the required code on my PHP app to authenticated to Azure using SAML. Why when I have already authenticated for MS Teams does Azure again ask my password the first time I try to access my web application? Is the SSO token on my browser used for web apps different from the SSO token for Microsoft apps eg Teams . I am very new to Azure. My app is written in PHP.

[requinix]

3 hours ago, Neville said:

Why when I have already authenticated for MS Teams does Azure again ask my password the first time I try to access my web application? Is the SSO token on my browser used for web apps different from the SSO token for Microsoft apps eg Teams .

Single sign-on means one place that you use to log in. It does not necessarily mean that you use it to sign in once and then nothing has to ask for your account again. In fact it shouldn't: the place with your account should be asking you each time whether you want to allow $app access to your account.

If you coded the account stuff yourself and you're being asked multiple times then it means your app is not remembering you. If you wanted, you could have it remember you (like with a cookie) so that next time all you'd need to do is click a button to allow access.

One way or another, you really should make sure that you have to click a button or do something - don't make the authentication completely automatic when a different app wants you to sign in. For example, in addition to remembering you, your site can also remember which apps you've allowed access to: if the same app wants access then that could be automatic, but if a different app wants access then your site should tell you first.