This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 47%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHW%3C/text%3E%3C/svg%3E)
i have observed multiple sign ins from dublin location with the IP being microsoft , and the user agent is Rich client , further the auth method is Password in the cloud, also we have observedToken Protection - Sign In Session StatusCode is the same for all logins , no unsual signins are observed what can be the scenario ?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
@harsh waghela, Thanks for posting in Q&A.
Since the issue is complicated, and there is not much useful information I can find, it is suggested that you contact Microsoft Entra ID support to get more help.
https://learn.microsoft.com/en-us/entra/fundamentals/how-to-get-support
Also, I will add Microsoft Entra ID tag, you can wait to see if there will be Microsoft Entra ID support to help.
Thanks for your time and understanding.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 30%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Hello @harsh waghela ,
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution, please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
Hello @harsh waghela ,
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution, please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
Hello @harsh waghela ,
Thank you for reaching out Microsoft Q&A.
This is common behavior where a rich client is used as a browser for application sign-ins. Regarding your mention of "Password in the cloud," this occurs when a user enters their password while logging into the application, indicating a user-interactive sign-in.
For Token Protection and the Sign-In Session Status Code, you will observe the same code because the sign-in was initiated from the same network without any activity of a man-in-the-middle attack. A rich client can also act as a device browser for first-party applications, primarily during non-interactive sign-ins.
I recommend reviewing the user's sign-ins to check for any unusual activity. If everything appears normal except for the device browser behavior, you can safely ignore it. Attaching screenshot from my test tenant for reference.
I hope this information is helpful. Please feel free to reach out if you have any further questions.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Thanks,
Goutam Pratti.
Hello @harsh waghela ,
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Hello @harsh waghela ,
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.