ADFS 3.0: Chrome users repeteadly prompted for credentials

This error is related with the error in ADFS 2.0 in the post:

But in this case we are working with ADFS 3.0 so we don’t use IIS anymore, but there are other default settings working against Our Chrome users, so lets have a look at what we need to change.

Chrome only uses NTLM Authentication, so first we need to allow this by setting the ExtendedProtectionTokenCheck to None.

Set-ADFSProperties –ExtendedProtectionTokenCheck None

Then we need to alter the current list of supported user-agents for NTLM, which basicly means we need to allow Chrome within the list of browser we want to support. Get the list over allready supported browsers:

Get-ADFSProperties | Select  -ExpandProperty WIASupportedUserAgents

It will show a list of supported browser which by default is:


Then we add all these and Chrome, or to be Clear, we add what ADFS think Chrome is:

Set-ADFSProperties -WIASupportedUserAgents @(“MSIE 6.0″, “MSIE 7.0″, “MSIE 8.0″, “MSIE 9.0″, “MSIE 10.0″, “Trident/7.0″, “MSIPC”, “Windows Rights Management Client”, “Mozilla/5.0“)

Which is Mozilla v5.0, then restart the Active Directory Federation Service to use the changes.


4 thoughts on “ADFS 3.0: Chrome users repeteadly prompted for credentials

      1. Ok, this problem happens internally, only in the proxy or in both servers? If you have followed the PS steps, check If the adfs service has been restarted in both servers


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s