Forum Discussion
Microsoft Teams Bot OAuth login shows blank screen and closes without signing in
I’m building a Microsoft Teams bot using Azure AD OAuth (SSO) with Bot Framework. When I click Sign in, the OAuth popup in Teams shows a blank screen for a moment, then closes automatically without s...
Nivedipa-MSFT
Microsoft
Microsoft@shivanandan17 - Thanks for bringing this issue to our attention.
Could you please review the following checkpoints?
- Ensure the connectionName matches exactly:
- In your code: check process.env.CONNECTION_NAME (case sensitive).
- In the Azure portal: Bot Channels Registration → Settings → OAuth connection settings → Connection Name.
- If there’s a mismatch, update and re-test.
- Confirm the OAuth connection configuration in Bot Channels Registration:
- Provider should be Azure Active Directory v2 (if applicable).
- Client Id must be the AAD app client id.
- Client Secret should be a valid, current secret.
- Tenant: use the specific tenant id or leave blank for multi-tenant, according to your needs.
- Scopes should include openid profile offline_access User.Read at a minimum.
- Use the portal’s “Test connection” button to verify success. If it fails, review clientId, secret, tenant, and scopes.
- Check your AAD App Registration settings:
- Redirect URI must include: https://token.botframework.com/.auth/web/redirect
- Access tokens / ID tokens toggles should be set as per provider guidance.
- Required delegated permissions (like User.Read) should be granted, with admin consent if necessary.
- For multi-tenant setups, Supported account types must be set to Multitenant.
- Review Azure AD Sign-in logs for failed attempts:
- Go to Azure AD → Sign-ins, filter by time and user, and inspect failed entries for conditional access details.
- Look for AADSTS errors (such as invalid_client or redirect_uri_mismatch).
- Note the Correlation ID and Timestamp for cross-referencing with Bot Framework logs.
- Use Teams desktop DevTools to analyze popup behavior:
- Press Ctrl+Shift+I to open DevTools, go to the Network tab, and trigger OAuthPrompt.
- Check requests to login.microsoftonline.com and token.botframework.com for failures.
- Export HAR and console logs if needed.
- Enable Application Insights or bot logging for error details:
- In Azure Portal, link or create an Application Insights resource for your bot.
- Add logging in your Node app to capture exceptions and OAuthPrompt results.
- Review traces in Application Insights for exceptions or failed requests.
- Test with “Test in Web Chat” and check Bot Framework logs:
- Run the sign-in flow in Web Chat and monitor activity traces. This helps isolate issues from the Teams client.
- If Web Chat works but Teams fails, focus on Teams DevTools logs and AAD conditional access settings.
- Try these common quick fixes:
- Correct any issues with client secret or clientId in the OAuth connection.
- Add required scopes and ensure they have admin consent in the tenant.
- If admin consent is needed, use the admin consent URL: https://login.microsoftonline.com/{tenantId}/adminconsent?client_id={clientId}&redirect_uri=htt…
- Make sure the AAD app includes https://token.botframework.com/.auth/web/redirect in its Redirect URIs.