Hi @Jake Zhang-MSFT ,
Thank you for your reply.
I just wanna clarify 1 thing about my third question: "Since MSAL.NET does not support direct ADFS authorization, Azure AD should be used as the authorization".
So whether I'm using MSAL Kotlin/Java for Android or MSAL.NET/MAUI for Android, the cross-app SSO will only be achieved if we use Entra ID/Entra Connect/Azure AD/Azure AD Connect/cloud/Office 365 as the authority? It won't work solely with on-premises ADFS alone or using ADFS as the authority?
Btw fyi, I already tried using MSAL.NET with a function called .WithAdfsAuthority()
https://zcusa.951200.xyz/en-us/dotnet/api/microsoft.identity.client.abstractapplicationbuilder-1.withadfsauthority?view=msal-dotnet-latest
And I already successfully logged in and got the access token, but the cross-app SSO is still not achieved and my ADFS account isn't in Microsoft Authenticator. It isn't like when I use WithBroker(), where the Entra ID account is there (in Microsoft Authenticator).
Btw I tried using .WithBroker().WithAdfsAuthority("https://adfs.mydomain.com/adfs")
But there's error like this ...Broker response returned error: com.microsoft.identity.common.java.authorities.ActiveDirectoryFederationServicesAuthority cannot be cast to com.microsoft.identity.common.java.authorities.AzureActiveDirectoryAuthority...
(I posted it on Stack Overflow too, if you wanna see the details: https://stackoverflow.com/questions/79274026/cant-use-broker-mode-with-adfs-authority)
I think it's the same error as when I use MSAL Java/Kotlin with this JSON configuration:
"authorities": [
  {
    "type": "ADFS",
    "authority_url": "https://adfs.mydomain.com/adfs"
  }
]
So yeah, doesn't it mean that cross-app SSO with only ADFS as an authority is not possible?