MicrosoftMicrosoft
This week on Tuesday, March 28, 2017 at 2:38 PM EDT, we started noticing issues maintaining connection between Office desktop applications and SharePoint Online.
The following day Microsoft Teams (Cloud and Desktop) could not find SharePoint Online site collections and all of our users were unable to "Open/Edit in [Office Product]".
OneNote could not sync to SharePoint Online sources. OneDrive sync tool kept loosing its brains. Visual Studio could not hold/keep work credentials. SharePoint Designer could not resolve to SPO site collections.
Microsoft Office Online read and edit worked fine.
OneDrive for Business, Exchange Online and Skype for Business did not show the symptoms.
We tracked the problem down to this Configuration change rolled out into our tenanet.
Tracing showed login.windows.net was reporting "The user or administrator has not consented to use the application with ID..." with every application reporting the same id.
We found an article from Feb 28 announcing device access control being released into the Office 365 tenant with Block as the default for SharePoint Online.
https://reoffice365.com/new-device-access-section-in-the-sharepoint-online-administration-b827d08802eb
We change the settings to "Allow" and while it took about 45 minutes to propagate through the system, all of our OAuth issues disipated.
Microsoft Teams could see SPO again, Edit in desktop apps worked again,
We are now following up with Microsoft to find out why the Block stopped EVERYTHING authenticating with SharePoint Online and why everything reported the same Application ID.
Did anyone else run into this scenario?