Android - Silently acquiring B2B token on a device that has Microsoft Authenticator

Question

I'm trying to support B2B access in my Android App

I got an issue when to get a token (silently) for the external tenant and the user has Microsoft Authenticator installed

The user is already signed-in to his home tenant and I manage to aquire token to the home tenant (refresh token is null)

here is the code i am using to get the token

    val authenticationContext = authenticationContextProvider!!.create(
            activity,
            azureActiveDirectoryConfiguration.url.replace("common", tenantId),
            azureActiveDirectoryConfiguration.shouldValidateAuthority())

and later

    authenticationContext.acquireTokenSilentAsync(
            resourceId,
            clientId,
            userInfo.userId,
            object : AuthenticationCallback<AuthenticationResult> {
                ...
            })

userInfo is what I got in the result of the regular home tenant token acquiring

this is the error I get:

com.microsoft.aad.adal.AuthenticationException: Received error from broker, errorCode: Refresh token is failed and prompt is not allowed; ErrorDescription: Request authority:[MyAuthority]/[TenantId] resource:[MyResource] clientid:[MyClientId]

This appears to be the same scenario that is asked about [here](https://stackoverflow.com/questions/45055812/b2b-silent-authentication), is that right? If yes, [this answer](https://stackoverflow.com/a/52840756/741827) applies. (AKA the user must be Workplace-Joined in the home tenant before they silent-auth for the guest tenant -- otherwise, they'll need to do an interactive auth for the guest tenant) — Brian Melton-Grace - MSFT, Apr 05 '19 at 20:18

Android - Silently acquiring B2B token on a device that has Microsoft Authenticator

0 Answers0