![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 31%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,715 questions
Hi @大坂 翔 • Thank you for reaching out.
In case of ROPC flow, the credentials are directly checked against Azure AD and redirection to ADFS doesn't happen. However, you can use Azure policy to configure specific application(s) to do the password validation on the cloud without removing the federation. For this purpose, you can follow the steps I have provided in my blog post: ROPC (Username/Password) flow fails with AADSTS50126: Invalid username or password for federated users
If you don't want to enable Password Hash Sync for all users in the tenant, you may consider Selective password hash synchronization configuration for Azure AD Connect.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.