SOLVED
Home

SSO fails at Invoke signin/verifyState

%3CLINGO-SUB%20id%3D%22lingo-sub-686504%22%20slang%3D%22en-US%22%3ESSO%20fails%20at%20Invoke%20signin%2FverifyState%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-686504%22%20slang%3D%22en-US%22%3E%3CP%3EFollowing%20scenario%3A%20I%20have%20a%20%3CSTRONG%3Eworking%3C%2FSTRONG%3E%20bot%20with%20an%20AAD%20v2%20OAuth%20connection.%20Now%20i%20have%20created%20a%20new%20bot%20which%20is%20just%20for%20staging%20(DEV%2FPROD).%20This%20new%20bot%20works%20the%20same%20with%20one%20exception%3A%20SSO%20in%20MS%20Teams.%20Magic%20Code%20authentication%20works%20in%20both%20MS%20Teams%20and%20Emulator.%20SSO%20only%20works%20in%20Emulator.%20The%20error%20is%20the%20following%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CEM%3EInvoke%20failed%20due%20to%20internal%20error%3A%20Invoke%20failed%3A%20something%20went%20wrong%20in%20ProcessInvoke%3C%2FEM%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20error%20occures%20when%20MS%20Teams%20sends%20the%20signin%2FverifyState%20Invoke%20Message%20to%20%3CA%20href%3D%22https%3A%2F%2Femea.ng.msg.teams.microsoft.com%2Fv1%2Fagents%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Femea.ng.msg.teams.microsoft.com%2Fv1%2Fagents%3C%2FA%3E%20and%20results%20in%20a%20HTTP%20500...%3C%2FP%3E%3CP%3ESince%20the%20SSO%20directly%20to%20my%20new%20bot%20%3CSTRONG%3Edoes%20work%3C%2FSTRONG%3E%20in%20the%20Bot%20Framework%20Emulator%20i%20am%20sure%20this%20problem%20is%20on%20the%20site%20%3CA%20href%3D%22https%3A%2F%2Femea.ng.msg.teams.microsoft.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Femea.ng.msg.teams.microsoft.com%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBoth%20bots%20are%20configured%20in%20the%20same%20way.%20The%20only%20difference%20is%20the%20MS%20App%20ID%20and%20Password.%20This%20issue%20is%20a%20showbreaker%20for%20us%2C%20since%20we%20cannot%20use%20MS%20Teams%20if%20there%20is%20no%20SSO%20supported.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBR%3CBR%20%2F%3EDavid%20Vollmers%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-686504%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EBots%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20Teams%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-699444%22%20slang%3D%22en-US%22%3ERe%3A%20SSO%20fails%20at%20Invoke%20signin%2FverifyState%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-699444%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3EUPDATE%3A%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EThe%20Team%20around%20MS%20Teams%20seems%20to%20have%20fixed%20the%20issue.%20It%20is%20still%20not%20perfect%20but%20you%20can%20read%20about%20it%20here%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fmsteams-docs%2Fissues%2F718%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fmsteams-docs%2Fissues%2F718%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
New Contributor

Following scenario: I have a working bot with an AAD v2 OAuth connection. Now i have created a new bot which is just for staging (DEV/PROD). This new bot works the same with one exception: SSO in MS Teams. Magic Code authentication works in both MS Teams and Emulator. SSO only works in Emulator. The error is the following:

 

Invoke failed due to internal error: Invoke failed: something went wrong in ProcessInvoke

 

This error occures when MS Teams sends the signin/verifyState Invoke Message to https://emea.ng.msg.teams.microsoft.com/v1/agents and results in a HTTP 500...

Since the SSO directly to my new bot does work in the Bot Framework Emulator i am sure this problem is on the site https://emea.ng.msg.teams.microsoft.com.

 

Both bots are configured in the same way. The only difference is the MS App ID and Password. This issue is a showbreaker for us, since we cannot use MS Teams if there is no SSO supported.

 

BR
David Vollmers

1 Reply
Highlighted
Solution

UPDATE:

The Team around MS Teams seems to have fixed the issue. It is still not perfect but you can read about it here: https://github.com/MicrosoftDocs/msteams-docs/issues/718