Change in Edge/Chromium profile settings broke my Azure Entra ID SSO


I have recently hit a problem whilst developing some training material on Single Sign on (SSO) in GitHub Enterprise. This training is to be delivered in a training instance of GHE that is configured to use a training instance of Azure Entra ID as the SAML identity provider.

To make my life easier, so I am not logging in and out of my work and test Azure Entra ID directories, I have been using profiles in my Chromium based Edge browser. This means I have two copies of Edge running, one for my 'real' work directory and the other for the training directory.

I thought I had left my training GHE instance SSO configured and working, but when I came to test it I found that I could not login. I found the following:

  1. In my Edge browser (training profile) I would go to the GHE login page and login
  2. I would be prompted for the normal GitHub 2FA login
  3. I would be asked if I wished to do the SSO Azure Entra ID login, which I confirmed
  4. I would expect to be redirected to the Azure Entra ID login page in the current Edge profile. However, it opened in my 'real' work Edge profile instance with a 404 error

The Solution

The solution was to change the Edge profile settings

  1. In the training Edge instance open the settings
  2. Select Settings > Profile > Profile Preferences
  3. Turn off the 'Account based profile switching' option

If I then retried my SSO login, the Entra ID tab opened in the correct profile and I was able to login.

As I am sure this was working in the recent past, I assume this is a change in the Edge profile default settings. Hopefully this post will mean other people don't waste time trying to work out what is going on.