authentication
15 TopicsPublish teams bot only to some customers
We have a teams bot that we would like to be installable only by our customers. Is it possible to publish a bot to the teams store and only allow a set of organization / people install it ? As far as I know, bots published to teams store are public and installable by anyone.552Views0likes1CommentTeams Desktop not allowing request to protected Azure WebAPI
Scenario I have a simple application setup. An Angular SPA front-end and an ASP.NET Core WebAPI. The Angular front-end application has been registered and loaded into Microsoft Teams. One of the Angular app's features is to request data from an Azure hosted ASP.NET Core WebAPI. The WebAPI is protected using Microsoft Identity Platform. Issue In the Microsoft Teams WEB application all is worked as expected. The SSO service I've created works and MSAL in the Angular App is picking up the access_token and successfully authenticates to the ASP.NET Core WebAPI to retrieve the protected payload. WHY IS THIS NOT WORKING INSIDE THE TEAMS DESKTOP APPLICATION? What does work is making a request to a PUBLIC (un-protected) webapi. But for PROD, this is NOT an option. Please help! I've been working on this for too long. Regards, Tolga1.2KViews0likes2CommentsLogin Prompt when requesting 3rd public API
I have custom Tab app. I am able to get the Teams context. I've also implemented SSO, so all mgt components are working fine. I have a custom ASP.NET Core WebApi (v6). It does NOT require authentication. I've decorated the controller method with [AllowAnnonymous]. I've tested the endpoint in browsers and Postmost. All good. Back in my custom Teams Tab app, I make a request to aforementioned API endpoint. It looks like this: https://localhost:44332/Test As soon as I make the request, I get a popup to login.microsoft.com. Why? What am I missing? Thank you, Tolga1.4KViews0likes3CommentsHow do I get my teams bot to authenticate to a web service
I have a teams bot which I want to use as an interface for my service stack webservice however the token I have access to is not being accepted by the web service. I followed the "AAD SSO for tabs and message extension" tutorial to set up my Azure instance and get a basic bot up and running. When I modified the query handler to send a request to a web service with the token provided it is responding with a login page. This is the code that I added to the Simple Graph Client in a new method which passes in what the user types as query HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://<my website>/api/ws/v1/search?query=" + query); request.Headers.Add("Authorization", "Bearer " + _token); request.Method = "GET"; request.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate; using (System.Net.HttpWebResponse response = (HttpWebResponse)request.GetResponse()) using (Stream stream = response.GetResponseStream()) using (StreamReader reader = new StreamReader(stream)) { return reader.ReadToEnd(); } Do I need to make use of a shared certificate? or is there some additional configuration that I have missed which is necessary to make this situation work?3.5KViews0likes7Comments"You'll need a new app to open this about link"
I have a custom app running inside of Microsoft Teams. Everything works as expected when running it inside the Teams web application. Running it inside the Teams desktop application breaks part of my custom app. The issue arises when making a request to any web API. That could be the Microsoft Graph API or a custom one I've build for the custom, client application. Instead of getting data back when making the request, I get a popup stating "You'll need a new app to open this about link". Look for an app in the Microsoft Store. Yes/No. I've tried all kinds of different things. Different providers, SSO vs Azure Auth. Any help would be highly appreciated. Regards, Tolga37KViews0likes5CommentsSend personal messages to Teams from daemon service.
Hello, I need to send notifications to my colleagues using Teams in case of emergency which is detected by monitoring system. These messages must be sent on behalf of background service which cannot follow interactive user authentication flow and therefore cannot get Authorization Code to authenticate on behalf of user. I can connect to Azure AD using Graph SDK for Golang and get all users of my organization. But I cannot use Chat API because it's not allowed in "application only context". Is there a way to send personal user messages from daemon service?Solved4KViews1like7Commentsgraph toolkit SSO without Login Component
in my teams tab i have followed the below link and authenticated Teams Tab. http://teams%20tab sso I want to able to use graph tool kit with out Login component as i have sso for tab, is it possible to do so? if so can i call the graph toolkit components3.9KViews1like15CommentsSilent SSO with MSAL
Hi the Teams documentation and samples use adal.js for authentication, as in https://docs.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-silent-aad. Can anyone confirm that the Teams SDK and samples will move to msal.js - and if so, when? The latest thread about MSAL is already half a year old..4KViews0likes3CommentsTeams custom personal app (SPFx) - slow authentication startup in desktop app
Hi We've implemented quite some Teams personal apps at clients now and the custom Teams apps in the (Teams desktop app) sometimes have load times ranging from 4s - 10s before our custom code even begins. The Teams web app handles auth in a different way, so never any issue there. It appears to have something to do with the way authentication is done in the desktop app (acquire OBO token call...). With a trick, you can also get the console & network tab to show in the desktop app. That way we can verify when our React is loaded & starting + when our backend api calls are done. Clients are complaining about the response times and rightfully so. The response times before our code hits also varies greatly between tenants as mentioned. Has anyone had the same experience? Is there a magic wonder solution out there that I don't know of yet (e.g. simple AAD authentication setting) ?2.3KViews0likes2Comments