Adding authentication to messaging extension and testing locally.

Copper Contributor

Adding authentication to messaging extension and testing locally. Unable to access openUrl hosted on ngrok


Following the steps here to add authentication to a messaging extension:


Working with a messaging extension bot running 2 static pages:


Returns the following card: (using teams app on mac)


               "type": "openUrl",
               "value": "https://*",
               "title": "Sign in to this app"





After clicking the login button on the card it displays the following error: Something went wrong, please try again.


The * domain is already added to the validDomain list


Additional Notes:

using nodejs / botbuilder / TeamsActivityHandler

- service is running on same ngrok domain
- handleTeamsMessagingExtensionFetchTask captures first event on message action
- checks if users has session
- if no session return login card above
stuck here since it wont open a new window loading the static start auth page
works if I point directly to the
I can then redirect back to my close auth page but the notifySuccess doesn't seem to trigger closing the window
- read that this is because I did not initiate the authentication from the same domain


6 Replies

Are you able to access the URL from browser? Could you please check the URL from the browser?





If the response is helpful, please click "**Mark as Best Response**" and like it. You can share your feedback via Microsoft Teams Developer Feedback link. Click here to escalate.

Hi @Varaprasad-MSFT,

Thanks for the quick response,


Yes I can access both static pages from my chrome browser.



@MatthewCohen - Could you please share your manifest?


  "$schema": "",
  "manifestVersion": "1.8",
  "version": "1.0.0",
  "showLoadingIndicator": true,
  "id": "f9083eaf-0ae8-4331-9653-10080cc36b54",
  "packageName": "{{PACKAGE_NAME}}",
  "developer": {
    "name": "brightidea",
    "websiteUrl": "https://{{HOSTNAME}}",
    "privacyUrl": "https://{{HOSTNAME}}/privacy.html",
    "termsOfUseUrl": "https://{{HOSTNAME}}/tou.html"
  "icons": {
    "color": "color.png",
    "outline": "outline.png"
  "name": {
    "short": "BI Test 1",
    "full": "BI Test 1"
  "description": {
    "short": "TODO: add short description here",
    "full": "TODO: add full description here"
  "accentColor": "#D85028",
  "bots": [
      "botId": "aa38ad8c-5635-49c2-80b6-e3b0d2b47333",
      "scopes": [
      "supportsFiles": false,
      "isNotificationOnly": false
  "composeExtensions": [
      "botId": "aa38ad8c-5635-49c2-80b6-e3b0d2b47333",
      "canUpdateConfiguration": false,
      "commands": [
          "id": "createIdea",
          "type": "action",
          "title": "Create Idea",
          "description": "Create an idea from a message",
          "initialRun": true,
          "fetchTask": true,
          "context": [
          "parameters": [
              "name": "param",
              "title": "param",
              "description": ""
  "permissions": [
  "validDomains": [


Thanks for sharing the manifest , we are checking internally and get back to you on this.
@MatthewCohen, are you still facing this issue? Could you please check this sample for [messaging extension Authentication](