Chrome app config – need the exact setting to allow an SSO pop-upSolved

Yeah, I know exactly what you mean. Chrome’s config list is a massive headache, and Google changes the naming conventions just often enough to mess with you.

I’ve run into this before. I don’t have the console in front of me to check the exact configuration names, but it usually comes down to one of a few things you just have to search around for. I’d test these one at a time:

1. The native pop-up blocker (Most likely)
   A lot of times, Chrome is just blocking the new tab from opening for the login screen. Try searching the list for something like “Allow pop-ups on these sites”. If you just add your MS login URL (like https://login.microsoftonline.com or your specific tenant), that usually lets the window open without enabling pop-ups globally.
2. Handoff to the Authenticator App
   If that doesn’t fix it, check if your flow is trying to kick the user over to the actual Microsoft Authenticator app on their phone. Chrome blocks that app redirect by default. There’s a setting, something along the lines of “External authentication app launch Urls”. You have to add the URL there so chrome knows it’s allowed to trigger the external app.
3. Integrated Auth (Less common)
   If you’re trying to do Seamless SSO, search for “Authentication server allowlist”. I’ve only set this up once or twice but putting your internal URLs in there sometimes bypasses the prompt entirely. Mobile SSO can be really finicky to get right, honestly.

I’d start with the pop-up list first. Drop the URL in, push a sync to a test device, and see what happens. If it still hangs, you might need to plug the phone in and pull the device logs to see exactly what URL Chrome is getting stuck on.