Office 365 landing page requires login for already authenticated user


my.domain.com is an ADFS relying party. Office 365 is also a relying party on the same ADFS server.

However, when I try to redirect a user from my.domain.com to https://portal.office.com/home, the user gets a sign-in page. On this page they enter their username ([email protected]) and, as soon as they try to enter their password, they get signed into Office 365 just fine.

I thought that since both are relying parties on the ADFS server, they should not see a sign-in page when coming from one RP to the other. Is there something wrong with the way the claims are configured? Or does the problem lie somewhere else?

EDIT: Adding a screenshot of the cookies from Chrome's Resources tab.


There are 1 answers

3
Jeffrey Chen

my.domain.com is an ADFS relying party. Office 365 is also a relying party on the same ADFS server.

Office 365 is secured by Azure AD, but it is not a relying party of ADFS.

ADFS Auth Flow vs. Office 365 Auth Flow

ADFS Auth Flow:

[Figure 1: ADFS Auth Flow diagram]

Office 365 Auth Flow:

[Figure 2: Office 365 Auth Flow diagram]

The SSO of Office 365 applications relies on the cookie of login.microsoftonline.com. If the user has logged into one application, step 4 and step 5 in figure #2 will not be required when accessing another Office 365 app (the user does not need to fill in the user name and password again).

For the AD FS scenario, the user is not authenticated through login.microsoftonline.com, so the user needs to provide the user name and password again when accessing the Office 365 portal.
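As an added illustration (this is not part of the original answer or any Microsoft code), here is a small Python model of the two flows with cookies scoped per host, which is the mechanism the answer describes. It uses a placeholder AD FS hostname (adfs.domain.com) and assumes that Azure AD uses the entered user name for home realm discovery before handing the user off to the federated AD FS server; under that assumption the model reproduces what the poster sees: a user-name prompt at login.microsoftonline.com, no password prompt (AD FS still has its own SSO cookie), and a fully silent sign-in for the next Office 365 app once the Azure AD cookie exists.

```python
"""Toy model of the AD FS relying-party flow versus the Office 365 flow.

Each identity provider keeps its own session cookie on its own host, and a
browser only sends a cookie back to the host that set it. An AD FS session
therefore does not satisfy login.microsoftonline.com by itself, but it does
let AD FS re-issue a token without a password prompt once Azure AD has
redirected the user there. Hostnames are illustrative placeholders.
"""
from dataclasses import dataclass, field

ADFS_HOST = "adfs.domain.com"           # placeholder federation server
AAD_HOST = "login.microsoftonline.com"  # Azure AD sign-in endpoint


@dataclass
class Browser:
    """Cookie jar keyed by host, mimicking same-host cookie scoping."""
    cookies: dict = field(default_factory=dict)
    prompts: list = field(default_factory=list)  # what the user was asked for

    def has_session(self, host):
        return host in self.cookies


def adfs_authenticate(browser, user):
    """AD FS: reuse its own SSO cookie if present, else show the forms page."""
    if browser.has_session(ADFS_HOST):
        return f"adfs-token-for-{user}"
    browser.prompts.extend(["username", "password"])  # AD FS forms sign-in
    browser.cookies[ADFS_HOST] = user                  # AD FS SSO cookie set
    return f"adfs-token-for-{user}"


def aad_authenticate(browser, user):
    """Azure AD: its own cookie gives silent SSO; otherwise perform home realm
    discovery on the user name (assumption, see lead-in) and hand off to the
    federated identity provider."""
    if browser.has_session(AAD_HOST):
        return "o365-session"
    browser.prompts.append("username")  # home realm discovery needs the UPN
    adfs_authenticate(browser, user)    # federated domain -> redirect to AD FS
    browser.cookies[AAD_HOST] = user    # Azure AD session now established
    return "o365-session"


def visit_relying_party(browser, user):
    """my.domain.com: a plain AD FS relying party."""
    return adfs_authenticate(browser, user)


def visit_office_portal(browser, user):
    """portal.office.com: protected by Azure AD, not directly by AD FS."""
    return aad_authenticate(browser, user)


def scenario_rp_then_portal(user="user@domain.com"):
    """Sign in to the AD FS relying party, then open the Office 365 portal
    twice. Returns the prompts the user saw at each step."""
    b = Browser()
    visit_relying_party(b, user)
    first_prompts = list(b.prompts)   # fresh browser: full AD FS sign-in
    b.prompts.clear()
    visit_office_portal(b, user)
    second_prompts = list(b.prompts)  # user name only; AD FS cookie does the rest
    b.prompts.clear()
    visit_office_portal(b, user)
    third_prompts = list(b.prompts)   # Azure AD cookie present: silent
    return first_prompts, second_prompts, third_prompts


if __name__ == "__main__":
    for step, prompts in zip(("relying party", "portal", "portal again"),
                             scenario_rp_then_portal()):
        print(f"{step}: prompted for {prompts or 'nothing'}")
```

The third visit is silent because the cookie on login.microsoftonline.com now exists; the second visit is the case from the question, where the AD FS cookie avoids the password but cannot avoid the user-name prompt that Azure AD needs to know which federation server to redirect to.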