Forum Discussion
SameSite cookie problems in deskop version of Teams
Thanks
The issue is reproduced when I access a simple html page in a static tab. I also see this problem when I host my application using a web server instead of SharePoint. I observed the same SameSite warnings in two different test tenant.
Here is what my app manifest file looks like:
{
"$schema": "https://developer.microsoft.com/en-us/json-schemas/teams/v1.9/MicrosoftTeams.schema.json",
"manifestVersion": "1.9",
"version": "1.0.0",
"showLoadingIndicator": true,
"id": "cbfe33f3-04d1-4f41-ae80-849385d6bf33",
"packageName": "test",
"developer": {
"name": "Test App",
"websiteUrl": "https://testapp.com/",
"privacyUrl": "https://testapp.com/privacy-policy",
"termsOfUseUrl": "https://testapp.com/terms-use"
},
"icons": {
"color": "color.png",
"outline": "outline.png"
},
"name": {
"short": "Test",
"full": "Test Application"
},
"description": {
"short": "Test Application",
"full": "This app is a test application"
},
"accentColor": "#DA2DF0",
"staticTabs": [
{
"entityId": "tab1",
"name": "Tab #1",
"contentUrl": "https://gctest71.sharepoint.com/_layouts/15/teamslogon.aspx?SPFX=true&dest=/Shared%20Documents/test/index.aspx",
"websiteUrl": "https://gctest71.sharepoint.com/Shared%20Documents/test/index.aspx",
"scopes": [
"personal"
]
},
{
"entityId": "tab2",
"name": "Tab #2",
"contentUrl": "https://gctest71.sharepoint.com/_layouts/15/teamslogon.aspx?SPFX=true&dest=/Shared%20Documents/test/phone.aspx",
"websiteUrl": "https://gctest71.sharepoint.com/Shared%20Documents/test/phone.aspx",
"scopes": [
"personal"
]
},
{
"entityId": "about",
"scopes": [
"personal"
]
}
],
"permissions": [
"identity",
"messageTeamMembers"
],
"validDomains": [
"gctest71.sharepoint.com"
],
"webApplicationInfo": {
"id": "00000003-0000-0ff1-ce00-000000000000",
"resource": "https://gctest71.sharepoint.com"
},
"localizationInfo": {
"defaultLanguageTag": "en-us",
"additionalLanguages": [
{
"languageTag": "fr",
"file": "locale_fr.json"
},
{
"languageTag": "es",
"file": "locale_es.json"
}
]
}
}Here is what my Azure AD authentication configuration looks like for my App:
- What are seeing on the tab, Could you please share the screenshot? Do you have another authentication on your SharePoint? Can you share minimal repro steps?
I have created a minimal app, which can reproduce the problem. Here is how to configure/deploy it:
- Create a SharePoint folder to host the web application code
- Setup an App in the Azure AD. Make a note of the Application (client) ID" in the "Overview" section.
In the "Authentication" section, add the following configuration:Note: the Redirect URI is:
https://<SharePointe tenant URI>/<SharePoint File Path>/silent-end.aspx - Unzip the file SharePoint_files.zip
- Modify the filePath and clientAppId in the config.js file to include the SharePoint path you just created and the "Application (client) ID" from the Azure AD.
For example if the SharePoint folder is https://gctest71.sharepoint.com/Shared Documents/test , you would have the following in config.js:
var filePath = "/Shared%20Documents/test/";
NOTE: You need to replace any spacer characters with "%20". - Copy all files into your SharePoint Folder.
- Unzip testApp.zip
- Update the manifest.json file in the zip with:
- the Application (client) ID in the paramater id
- the SharePoint tenant name + file path in the following items:
contentUrl, websiteUrl, validDomains, "webApplicationInfo, etc. - Updload the testApp.zip to Teams.
Testing:
- Open the "Dev Tools" for the desktop Teams application.
- Click on "Go to Issues".
You will see the following:
Note: You may not see all of the SameSite warnings right away. You can click ontrhe refresh button and/or sign out/in to see them.
Thanks!
