Dec 06 2021 05:07 AM
Hi,
We are developing an app for Teams meeting utilizing the shared meeting stage. As part of this app, we have our own authentication flow using OAuth (https://docs.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-flow-tab). Now the one requirement we have right now is that in a multi-device scenario users should sign in once to the app on any of the devices for the first time post that the user can use the app without signing in again for other devices as well. For example, I add the Meeting App on desktop Teams, do the authentication using OAuth flow and after successful authentication, I should be able to use the same Meeting App on iPad as well without the need of signing in again. Documentation on this topic is not clear. Can you please point to the right documentation on how this can be achieved?
Dec 06 2021 08:15 AM - edited Dec 06 2021 08:21 AM
@muditsaxena - Looks like we can not achieve this kind of authentication flow because if you logged-in to any device it stores the authentication details in a cache or memory on that particular device.
So it will always ask for authentication details at least for first time on different devices.
But you can implement SSO where if you are already logged-in to your Teams client, it will not ask for authentication for your tab or bot again on different device.
Single sign-on support for tabs - Teams | Microsoft Docs
Thanks,
Chetan Sharma
-------------------------------------------------------------------------------------------
If the response is helpful, please click "Mark as Best Response" and like it. You can share your feedback via Microsoft Teams Developer Feedback link. Click here to escalate.
Dec 07 2021 08:33 AM - edited Dec 07 2021 09:10 AM
We have our own OAuth flow, so are you suggesting we use SSO flow using AAD?
Second, if you look at already published apps like `Jira Cloud` on Teams, they also have their own OAuth flow despite that they are able to achieve the multi-device flow i.e sign-in once on one device and use on other devices. So, how is that achieved?
Dec 08 2021 04:30 AM
Dec 08 2021 05:00 AM
Dec 09 2021 12:24 AM
Dec 20 2021 12:17 PM
@ChetanSharma-msft The links you shared works well for using AAD as SSO/IDP provider while we use Okta as IDP
Let me explain in detail what I am trying to achieve here and my authentication flow.
Authentication flow
Teams Authentication Flow (Currently implemented)
For the current user post the above installation flow, our app is installed on their other devices as well like iPad, mobile, etc. Now if a user wants to use our app on Mobile Teams Client for example, does he have to go through the same sign-in process again? Or Is there any other way to use the app on other devices without re-entering sign-in credentials?
Dec 22 2021 06:58 AM
Dec 02 2022 09:39 PM
@muditsaxena Were you able to achieve your use case using Okta. We are working on something similar for our bot.