WebAuthenticationBroker.AuthenticateAsync starts the AuthHost.exe process as a child of the application process, and the HRESULT returned by exception indicates that AuthHost.exe terminated unexpectedly. At startup, AuthHost attempts to clear non cookies cookies, content and history from non sso containers, and if that fails, it will back off. On the other hand, a Windows application runs in a sandbox with a set of permissions other than desktop applications. Thus, Internet Explorer itself or a desktop application that runs SSO may work fine, but AuthHost will not be allowed to perform the necessary cleanup at startup. In my case, the user launching the application was part of a group that was granted full access to this folder, but the user himself did not have direct access rights to the files. However, group rights have been removed in the application sandbox. At the default setting, permissions are configured properly, and such problems do not occur. However, in cases where the user moves temporary Internet files to a new location, which may have a slightly different set of file permissions. Another answer to this thread suggests that deleting and re-creating the profile helps. This operation resets the settings of temporary Internet files in Internet Explorer by default, indirectly supporting my proposal.