Widget always prompt for login


I know this has been covered before, but I am still experiencing problems, problems that are a showstopper for my project )-:

What I am trying to do is the following:

An external user is invited as a guest user in our Azure Active Directory.
Thist guest user is made a member of an Azure AD group that is a member of the ‘Site Visitors’ group of a Sharepoint site that hosts the widget and where the add-in is installed.

Because it is a testing environment this group also gives access to the site where helpdesk is installed.

The url where the widget is hosted is published in the user’s ‘MyApps’ portal (Azure AD application proxy).

The user is prompted for login so no SSO and trying to login with the right credentials fails.

Helpdesk site:


Widget url


The widget app is intstalled and trusted at the https://contosocom.sharepoint.com/sites/ICTSandbox//HelpDeskWidget level.
This site has separate permissions. The group the user belongs to has access.

Security is set on the level of https://contosocom.sharepoint.com/sites/ICTSandbox

The guest account can acces this site.
The guest account can even access the ICTSandbox/Erik/Helpdesk site and use the helpdesk.
The widget site however keeps prompting for login, even after interacting with the helpdesk site.

When using my own

account (set up as agent) it works fine.

In the production environment we would set it up like:


Different sites and different access rights and groups. But I would like to have a Proof Of Concept up and running before doing that.


Hello @ErikvdNeut,

I tested automatic log in for an external user, it worked fine for me. So, let us investigate.

Here are permissions of my test user:

Could you please check these permissions for your guest user and send me a screenshot?

Also, please, when opening the widget page under the guest user please open the browser console (to do that please press F12, then go the the Console tab), reload the page and take a screenshot of what you see.

Would it be possible to invite me to your test site the same way as you invite other guest users? You can invite [email protected] and [email protected], so that we test different types of external users.

Best Regards,
Anna Dorokhova
Plumsail Team


It seems to be working now :grinning: