Customer had explicit proxy settings configured on the browser and multiple authentication pop-ups appeared over and over again despite entering credentials.
Office365 rely on the authorization header inserted by client to authenticate those traffic however this header is by default being stripped by the proxy on the server side connection (proxy to OCS connection) hence pop-up would appear.
You may issue the command below to enable forwarding of authorization header globally. Please see TECH244708 for more information.
ProxySG#(config)security force-credential-forwarding enable
You may also follow TECH241447 to implement forwarding of credentials selectively by source or destination through Visual Policy Manager (VPM) rules.