I have an Angular 9 app that uses MSAL to authenticate with a Microsoft Azure Active Directory that is working in Chrome, Edge and IE, but is not working in Chrome Incognito or Brave browsers. I get an error saying AADSTS50058: A silent sign-in request was sent but no user is signed in.
Full Error Message (with identifiers removed):
"errorCode": "login_required", "errorMessage": "AADSTS50058: A silent sign-in request was sent but no user is signed in. The cookies used to represent the user's session were not sent in the request to Azure AD. This can happen if the user is using Internet Explorer or Edge, and the web app sending the silent sign-in request is in different IE security zone than the Azure AD endpoint (login.microsoftonline.com).\r\nTrace ID: \r\nCorrelation ID: \r\nTimestamp: ", "name": "InteractionRequiredAuthError" }
Brave and Google Incognito are setup differently than the other browsers in that they block cross-site cookies. To change this you will want to go into the offending brower's settings and search for cookie. The images below show the setting that needs to be changed to disabled in brave and "Allow all cookies" in chrome.