Universal Sign-On unreliable with Microsoft accounts.

Hi Paul,

Sorry for the delay - took some time off over the holidays. I'll do my best to answer your questions.

• Do you have that O365 account created as a login item in 1Password?
  Yes. And I added an additional URL of https://login.microsoftonline.com in case that helped 1P find it, but it didn't work.

• If you do, is the vault or account in which that login item is saved different from the one(s) used for the MS consumer accounts you're seeing?
  No. I have consumer MS accounts in the same vault as this O365 account.

• If it's a public URL, could you share the site you're trying to sign in with your O365 account?
  Although the URL is publicly available, I'd prefer to provide it to you via private message. It's our company.sharepoint.com, but also applies to others like office.com. I haven't had the 1P popup often enough to list all the URLs since MS only occasionally forces the login check.

I've turned off the sign in with provider for now, as you requested. It made no difference to the options presented.

I'll also add
* the options provided for sign in with provider aren't respecting my vault/collection settings. I'm getting suggestions from vaults that are unchecked in the browser extension.
* I also have another O365 test account and that one does show up as a suggestion for sign in with provider. The only difference I can see is that my test account has MS in the title, while the main account has only O365 in the title. Your devs didn't use a "must have 'MS' in the title somewhere" I hope?
* 1P picks up the correct icon for the O365 account, same as the test O365 account and different from consumer accounts
* When actually logging in to the O365 sites, 1P does offer my O365 account. It's only missing after the login, when it recognizes that MS was used to log in and offers the option of which account
* I see the same behaviour with MS sites using the MS account and 3rd party sites using "log in with MS/Azure AD".
* I've attached a screenshot of the suggestions provided today and of the account that doesn't show in the suggestions. As far as I can tell, the only one missing is the one I want.

Missing account:

For your feature request questions:

• Do the URL's in which you're logging into multiple accounts have different root-domains/sub-domains/ports at all?
  Unfortunately no. The whole idea here is to test a system using different users (e.g. an admin and a regular user). Normally I would use different browsers for this, but the FF containers separates the sessions so it works well.

• Are you wanting some sites to log in with a previously saved provider/account automatically, and others to prompt which provider/account you'd like?
  If I'm being honest, I'm not sure what the best UX is here. Ideally I'd love to be able to set a default login for some sites, but have different defaults in different browsers/containers. And that default could be either auto login or just top one in the list. For now, when I have multiple test accounts, I will star the main account so at least it shows up first, but when using another container I would like a different one to rise to the top.

I might need to think about it a bit more, but feel free to ask more questions. It seems like at least some settings are individual per browser (it doesn't retain my selected vaults between different browsers), so I'd like to at least see something similar per browser for what rises to the top as a suggestion, either through usage or through manual starring. And if you could detect different FF containers to do the same, even better.