Hi everyone,
I urgently need help on the following issues.
We have a Dynamics CRM 2016 on-premises deployment with claims-based authentication enabled (no IFD), integrated with Windows 2016 ADFS.
On the ADFS server, we have configured a claims provider trust to connect to Azure AD and supply claims to the CRM relying party trust. SSO works fine and a user from Azure AD is able to log in to CRM.
However, when the user signs out, the sign-out does not fully expire or revoke the MSISAuth token/cookies on the ADFS server or CRM server end. This was discovered because the cookie was copied to Burp Suite Repeater, and authenticated user requests could still be made to the CRM application even though the user had already signed out.
Is there a way for the user to sign out completely so that the MSISAuth token is revoked from CRM, ADFS, and the user's browsers?
Thanks!