Useful URL for Determining the Domain Type

2 years ago

Ruian Ding

1 minute

At times, there arises a necessity to ascertain whether a domain is federated or managed. This determination can be effortlessly performed using the provided URL:

https://login.microsoftonline.com/common/UserRealm/?user=@<domainName>&api-version=1.0&checkForMicrosoftAccount=false

Substitute <domainName> in the URL with the domain name you want to query.

Managed Domain:

Federated Domain with WSTrust:

Federated Domain with SAML20:

3rd party identity providers need to support the WS-Trust protocol to enable PRT issuance on Windows 10 or newer devices. Without WS-Trust, PRT cannot be issued to users on Hybrid Azure AD joined or Azure AD joined devices.
Primary Refresh Token (PRT) and Azure Active Directory – Microsoft Entra | Microsoft Learn

#ADFS