We have Chromebooks using the SAML IdP from Azure as the login provider. The login flow works fine, except for when you enter a password incorrectly.
When you enter a password incorrectly, it shows "Your account password is incorrect. If you don't remember your password, reset it now".
The user then enters his/her password correctly.
The Chromebook then says "Please re-enter your password to update your Chromebook profile".
Google claims that Microsoft needs to implement the following API: https://www.chromium.org/administrators/advanced-integration-for-saml-sso-on-chrome-devices
The question is - who needs to fix this problem? To me, it feels like the Chromebook caches the initial password hash for the incorrect password and then doesn't update it when the user successfully enters a password again.
It successfully caches the hash when a user is brand new to a Chromebook, but if there is ever an incorrect password entered, this behavior occurs.
Any help would be greatly appreciated. Google is pointing their finger at Microsoft - hopefully this doesn't turn into a finger pointing war :). I just want this annoying issue fixed for my users.