Skip to content

Interactive sign in forces sign in with password - not possible with phishing resistant conditional access #311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
GeldHades27355 opened this issue Mar 3, 2025 · 6 comments
Open

Interactive sign in forces sign in with password - not possible with phishing resistant conditional access #311

GeldHades27355 opened this issue Mar 3, 2025 · 6 comments

Comments

@GeldHades27355
Copy link

I'm trying to sign in to a tenant that has tenant-wide phishing resistant conditional access enforcement in place.

However, the interactive sign in still prompts for a password - with no other sign in option. That means I can't sign in to that tenant interactively.

Any way to change that so it supports passkey sign in as well?
@Micke-K
Copy link
Owner

Micke-K commented Mar 3, 2025

Hello,

This is available in the Development branch and PowerShell 7.

See Issue 310.

Cheers!

@GeldHades27355
Copy link
Author

Thanks! Sorry I didn't see this, but the synonyms for phishing resistant / passkey / passwordless / strong authentication etc... are too many to cover with a simple search. 🤪

Learned something new today: If I need to check for this general topic, I need to search for more words.

Anyways, I'll test and close this issue if your suggestion works. Thanks for the quick reply!

Keep up the great work - this is a fantastically awesome tool. 😁

@GeldHades27355
Copy link
Author

GeldHades27355 commented Mar 4, 2025
edited
Loading

No difference, I'm afraid: I still get prompted for a password, with no other option to sign in whatsoever.

Setup:

What else can I try?

EDIT: I tried getting a token by signing in to admincenter via browser first and then signing in with IntuneManagement - but it still prompts me for a password.

EDIT2: After trying to sign in by password (hoping passkey will follow for MFA), I get this message:
"You are required to sign-in with your passkey to access this resource, but this app doesn't support it."

@Micke-K
Copy link
Owner

Micke-K commented Mar 4, 2025

Hello,

Did you miss this part?

Note: You have to enable "Use WAM for enhanced login methods" in Settings and then restart it.

That is the important part.

Cheers!

@GeldHades27355
Copy link
Author

Ofc I missed that. 😁
(I'll try again)

Out of curiosity: Where would I have found that?

And is there a way to enable that by default? Or do I always need to think about turning WAM on/off before I do stuff with PS?

@Micke-K
Copy link
Owner

Micke-K commented Mar 5, 2025

Haha. It was in the Issue 310 link above 😉.

This is a part of settings of the app. MSAL and PowerShell is a bit of a mess. It does not work in PowerShell 5. I got it to work sometimes but it always broke at some point. Looks like PS7 handles DLLs a bit differently and it works fine. At least for me. I don't feel confident enough to have it as default just yet so you will have to enable it in Settings inside the app.

Cheers!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Micke-K @GeldHades27355