SOLVED

Teams SSO errors in Desktop/Mobile Teams apps

Brass Contributor

Hi,

 

We successfully developed SSO integration on the Teams web client, but when I try to authenticate in either the desktop or mobile apps, I get an obscure error.  Desktop gives me "unknownAuthError" and the iOS Teams app gives me "Auth Library Error". 

 

To authenticate are just calling:

teamsFx.login(scopes);

 

After this I see the "Almost there!" screen, I am prompted for my Microsoft account credentials, and I approve the login via the Authenticator app.  Upon returning to my teams tab, I get the above error.

 

Any ideas how to troubleshoot?

 

Thanks!

5 Replies
@keithfable - Thanks for reporting your issue.
We will investigation this issue and get back to you.
best response confirmed by keithfable (Brass Contributor)
Solution

@keithfable - Could you please confirm if you have the following Graph permissions enabled: email, offline_accessopenidprofile, and User.Read ?
Mostly it fails because the user hasn't granted permission to access the API.
and Also try add two client applications to Authorized client applications in Azure Portal. This is for the Teams desktop/mobile clients. Here is Sample Link.

5e3ce6c0-2b1f-4285-8d4b-75ee78787346
1fec8e78-bce4-4aaf-ab1b-5451cc387264
@Sayali-MSFT adding the 1fec8e78... UUID fixed it thanks. I only had the first one, not the second.
When the 5e3ce6c0 app authorization was missing, I got an explicit error message which helped me to fix that issue when I ran into it. But the error for the 1fec8e78 app was unclear, so thanks for clarifying!

@keithfable -Glad to hear that your issue is resolved. You can share your feedback via Microsoft Teams Developer Feedback link.

1 best response

Accepted Solutions
best response confirmed by keithfable (Brass Contributor)
Solution

@keithfable - Could you please confirm if you have the following Graph permissions enabled: email, offline_accessopenidprofile, and User.Read ?
Mostly it fails because the user hasn't granted permission to access the API.
and Also try add two client applications to Authorized client applications in Azure Portal. This is for the Teams desktop/mobile clients. Here is Sample Link.

5e3ce6c0-2b1f-4285-8d4b-75ee78787346
1fec8e78-bce4-4aaf-ab1b-5451cc387264

View solution in original post