Windows users are no strangers to the occasional OneDrive hiccup, but few glitches are as maddening as the dreaded “Signing In…” loop. You click the OneDrive icon, try to sign in, and the app hangs—spinning endlessly without ever completing authentication. If you’ve encountered this on Windows 10 or 11, you’re not alone. A recent Windows Report guide published on August 22, 2025, compiled a quick-fix checklist for this exact scenario. We’ve taken that foundation and built it into a comprehensive troubleshooting blueprint, adding enterprise-specific workarounds and deeper technical explanations for every step.

Why OneDrive Gets Stuck at Sign-In

OneDrive’s sign-in loop typically stems from one of three root causes: a stale or corrupted authentication token, a misconfigured system clock, or network interference that blocks Microsoft’s identity endpoints. On managed devices, Group Policy Objects (GPOs), Intune configurations, or proxy servers can silently break the handshake between OneDrive and Microsoft Entra ID (formerly Azure AD). The symptoms are always the same—a spinning sign-in dialog that never resolves—but the fix depends on your exact setup.

1. Synchronize Your System Clock

Authentication protocols like OAuth 2.0 rely on accurate timestamps. If your PC’s clock drifts even five minutes from the actual time, the tokens exchanged between OneDrive and Microsoft’s identity platform become invalid before they’re even issued.

  • Open Settings > Time & Language > Date & time.
  • Toggle Set time automatically to On. If it’s already on, toggle it off, wait a few seconds, then toggle it back on to force a resync.
  • Under Time zone, ensure the correct region is selected. Manually adjust if needed, especially after traveling or on virtual machines that may inherit the host’s time zone.
  • Click Sync now under Additional settings to trigger an immediate update with an NTP server.
  • For enterprise environments with strict time policies, verify that the Windows Time service is running by executing w32tm /query /status in an elevated Command Prompt. If the PC is domain-joined, it should sync with the domain controller by default.

After correcting the time, fully exit OneDrive (right-click the cloud icon in the system tray and select Quit OneDrive) and relaunch it from the Start menu.

2. Purge Stale Account Tokens

Windows caches account credentials for apps like OneDrive, and these cached tokens can become out of sync—especially if you’ve recently changed your password, enabled multi-factor authentication, or had your tenant undergo a Conditional Access policy change.

  • Navigate to Settings > Accounts > Email & accounts (or Access work or school on Windows 11).
  • Look under “Accounts used by other apps” for any entry labeled with your Microsoft 365 work or school account. Even if it appears functional, it may contain a token that OneDrive no longer trusts.
  • Select the account and choose Remove. Confirm the removal. Note: This does not delete the underlying user profile; it only clears the saved authentication state for that app.
  • If you see multiple entries for the same account, remove all of them.
  • Restart the computer, then open OneDrive and sign in again. You will be prompted to re-enter your credentials, which forces a fresh token generation.

For Azure AD/Entra ID joined machines, you may also need to clear the Web Account Manager (WAM) cache. Run the following command in PowerShell as an administrator:

Get-AppxPackage *Microsoft.AAD.BrokerPlugin* | Remove-AppxPackage

Then reboot. OneDrive will re-detect the tenant and go through a clean modern authentication flow.

3. Reset OneDrive with the Hidden Switch

The built-in OneDrive reset command is often the most effective single fix. It forces the client to rebuild its configuration and re-sync all settings without deleting local files.

  • Press Windows + R, type the following, and press Enter:
    %localappdata%\Microsoft\OneDrive\OneDrive.exe /reset
  • You’ll notice the OneDrive icon disappear from the system tray. After about a minute, it should reappear and begin the setup process automatically. If it doesn’t, manually start OneDrive from the Start menu.
  • Important: The reset retains all locally synced files. It only wipes the app’s configuration cache, so your data remains safe.
  • For users with multiple accounts (personal and work/school), you may need to run the reset command for each instance, or use the /resetall parameter to reset all configured OneDrive accounts.

If the reset fails to start OneDrive, the executable might be missing or corrupted. In that case, download the latest OneDrive installer from the official Microsoft site and run it—this will repair the installation.

4. Update OneDrive to the Latest Build

Microsoft regularly patches OneDrive’s authentication stack, especially as Modern Auth protocols evolve. An outdated version can lag behind backend changes, causing the sign-in loop.

  • Right-click the OneDrive cloud icon and select Settings > About to see the current version. Cross-reference it against the latest version listed on the OneDrive release notes page.
  • If it’s outdated, download the production ring installer from the OneDrive download page and run it. The installer automatically detects the channel you’re on (Production, Insider, or Enterprise) and updates accordingly.
  • If you installed OneDrive from the Microsoft Store, open the Store, go to Library, and click Get updates.
  • Enterprise admins can deploy the latest per-machine installation using the /allusers switch with the MSI package or via Intune.

Before updating, quit OneDrive completely. After the update, restart your PC to ensure all components reload cleanly.

5. Verify Network and Proxy Settings

OneDrive requires unencumbered access to a set of Microsoft endpoints. A misconfigured VPN, third-party firewall, or DNS-based filter can silently block traffic, causing the authentication request to time out or loop indefinitely.

  • Temporarily disconnect from any VPN and retry the sign-in. Many corporate VPNs force traffic through a tunnel that may not route modern auth URLs correctly.
  • Test basic connectivity by navigating to office.com and onedrive.live.com in a web browser. If you can sign in successfully in the browser but not in the OneDrive app, the issue is likely an endpoint being blocked at the OS or network level.
  • Ensure your firewall or proxy allows traffic to the following Microsoft IP ranges and URLs (allowing *.storage.live.com, *.sharepoint.com, login.microsoftonline.com, and graph.microsoft.com):
  • OneDrive consumer: onedrive.live.com, skyapi.live.net, *.storage.live.com
  • OneDrive for Business / Microsoft 365: *.sharepoint.com, login.microsoftonline.com, graph.microsoft.com
  • Full list of Office 365 URLs and IP address ranges
  • On a corporate network, ask your IT team to bypass SSL inspection for these destinations, as deep packet inspection can break the TLS handshake that modern authentication relies on.
  • If you’re using a proxy, ensure that OneDrive’s proxy settings align with the system’s Internet Options. Open Settings > Network & Internet > Proxy and verify that both “Automatically detect settings” and any proxy script address are correct. OneDrive respects the system proxy configuration, but some forced proxies require the netsh winhttp set proxy command to apply system-wide.

6. Enterprise-Specific Fixes

OneDrive sign-in loops are disproportionately common on managed devices, where policies can inadvertently break authentication.

Group Policy (GPO) Misconfigurations

  • Check the policy Administrative Templates > OneDrive > Use OneDrive Files On-Demand. If this policy is enabled but the latest Sync client isn’t installed, OneDrive may falter during sign-in. Ensure the per-machine sync client is deployed.
  • The setting Prevent users from syncing personal OneDrive accounts (under Administrative Templates > OneDrive > Prevent users from syncing personal OneDrive accounts) can interfere if a user tries to add a personal account on a domain-joined machine where that policy is enabled. Confirm that the policy aligns with your intended configuration.
  • Group Policy can also push a default OneDrive.json configuration file that includes DisablePersonalSync or SilentAccountConfig. An incorrect tenant ID in this file will endlessly loop sign-in. Validate the JSON file located at %localappdata%\Microsoft\OneDrive\OneDrive.json.

Intune / MDM Policies

  • Remediate the Device Configuration Profile responsible for OneDrive settings. Look for the OMA-URI ./User/Vendor/MSFT/Policy/Config/OneDriveNGSC/DisablePersonalSync and ensure its value is appropriate for your device groups.
  • If Windows Information Protection (WIP) is enforced, it can block the OneDrive personal authentication flow. Test by temporarily excluding OneDrive from the WIP policy.

Proxy and Conditional Access

  • Conditional Access policies in Entra ID that require a compliant device or a specific IP range can block the initial sign-in if the device hasn’t enrolled yet. This creates a chicken-and-egg problem: you need to sign in to OneDrive to enroll, but you need to be enrolled to sign in. Workaround: use the OneDrive for Business tenant sync URL (odopen://sync?siteId=...) or pre-register the device via Windows Autopilot.
  • If your proxy requires Kerberos authentication, the modern auth stack in OneDrive (which uses ADAL/MSAL) may not fall back gracefully. Switch to the OneDrive sync client’s “Use system proxy” setting under Settings > Network > Proxy and ensure it’s set to “Detect automatically.”

7. Advanced Recovery: The Nuclear Option

If all else fails, a full uninstall and clean reinstall can remove deeply lodged corruption.

  • Close OneDrive. Press Windows + R, type appwiz.cpl, and locate Microsoft OneDrive in the list. Right-click and select Uninstall. If you don’t see it, OneDrive is a built-in app on Windows 10/11 and requires a command-line removal:
    cmd %systemroot%\SysWOW64\OneDriveSetup.exe /uninstall
  • After uninstalling, restart the computer.
  • Reinstall the latest version from the official download page. For 64-bit Windows, the default path is %systemroot%\SysWOW64\OneDriveSetup.exe.
  • Launch OneDrive and follow the standard setup. This eliminates any residual registry entries, broken install hooks, or permission issues.

Important: Uninstalling OneDrive does not delete your cloud files. On first sync after reinstallation, your files will reappear (but may need to be re-downloaded if you were using Files On-Demand). Back up any locally stored “Always keep on this device” files before uninstalling, just in case.

8. Decoding Error Codes

Sometimes OneDrive surfaces an error code that pinpoints the failure. Two frequent culprits:
- 0x8004e4be: This indicates an authentication token failure, often resolved by steps 2 and 3 above. It can also appear when the device’s TPM module is malfunctioning; check TPM status via tpm.msc.
- 0x8004def7: Points to a network connectivity issue. Double-check firewall rules and proxy bypass lists.

If you see no error at all, the sign-in loop is likely timing out silently. Enable verbose logging by creating the registry key HKEY_CURRENT_USER\Software\Microsoft\OneDrive\EnableVerboseLogging (DWORD = 1). Logs will appear in %localappdata%\Microsoft\OneDrive\logs and may reveal the exact URL or endpoint that’s unreachable.

Final Thoughts

The OneDrive sign-in loop rarely signals a systemic outage; it’s almost always a local misconfiguration. By walking through the checklist systematically—time, tokens, reset, update, network—you can isolate and squash the bug in under ten minutes. For IT administrators, the fix often lives in Group Policy or proxy settings, not on the end user’s machine. And if you’re still stuck, Microsoft’s OneDrive support community is an invaluable resource where engineers routinely help diagnose edge cases. Bookmark this guide: the next time OneDrive decides to spin its wheels, you’ll have the roadmap to break the loop.