microsoft-teamsmsal.jsteams-toolkitmicrosoft-teams-js
[email protected] teamsUserCredential.getToken(scopes) results in login required error
I am using the following packages in my Teams React JSX SSO app
"name": "@microsoft/teamsfx-react",
"version": "3.1.3"
"name": "@microsoft/teamsfx",
"version": "2.3.3"
"name": "@azure/msal-browser"
"version": "3.27.0",
On Teams desktop, the client requests for credentials even if session is logged in. I have set the redirect URI's as following on the Azure portal. All the url's are accessible
The scope has been configured as below
Below is the code for my auth-start.html
<html>
<head>
<title>Login Start Page</title>
<meta charset="utf-8" />
</head>
<body>
<script
src="https://res.cdn.office.net/teams-js/2.31.1/js/MicrosoftTeams.min.js"
integrity="sha384-ihAqYgEJz9hzEU+HaYodG1aTzjebC/wKXQi1nWKZG7OLAUyOL9ZrzD/SfZu79Jeu"
crossorigin="anonymous"
></script>
<script
async
type="text/javascript"
src="https://example.com/ui/static/js/msal-browser.min.js">
</script>
<script type="text/javascript">
microsoftTeams.app.initialize().then(() => {
microsoftTeams.app.getContext().then(async (context) => {
// Generate random state string and store it, so we can verify it in the callback
var currentURL = new URL(window.location);
var clientId = currentURL.searchParams.get("clientId");
var scope = currentURL.searchParams.get("scope");
var loginHint = currentURL.searchParams.get("loginHint");
const msalConfig = {
auth: {
clientId: clientId,
authority: `https://login.microsoftonline.com/${context.user.tenant.id}`,
navigateToLoginRequestUrl: false,
redirectUri: window.location.origin + '/ui/blank-auth-end.html',
},
cache: {
cacheLocation: "sessionStorage",
},
};
const msalInstance = new msal.PublicClientApplication(msalConfig);
await msalInstance.initialize();
const scopesArray = scope.split(" ");
const scopesRequest = {
scopes: scopesArray,
redirectUri: window.location.origin + `/ui/auth-end.html?clientId=${clientId}`,
loginHint: loginHint,
};
// Handle the login redirect
try {
await msalInstance.loginRedirect(scopesRequest);
} catch (error) {
console.error("Login redirect failed: ", error);
}
});
});
</script>
</body>
</html>Below is the code for my auth-end.html
<!--This file is used during the Teams authentication flow to assist with retrieval of the access token.-->
<!--If you're not familiar with this, do not alter or remove this file from your project.-->
<html>
<head>
<title>Login End Page</title>
<meta charset="utf-8" />
</head>
<body>
<script
src="https://res.cdn.office.net/teams-js/2.31.1/js/MicrosoftTeams.min.js"
integrity="sha384-ihAqYgEJz9hzEU+HaYodG1aTzjebC/wKXQi1nWKZG7OLAUyOL9ZrzD/SfZu79Jeu"
crossorigin="anonymous"
></script>
<script
async
type="text/javascript"
src="https://example.com/ui/static/js/msal-browser.min.js">
</script>
<script type="text/javascript">
var currentURL = new URL(window.location);
var clientId = currentURL.searchParams.get("clientId");
microsoftTeams.app.initialize().then(() => {
microsoftTeams.app.getContext().then(async (context) => {
const msalConfig = {
auth: {
clientId: clientId,
authority: `https://login.microsoftonline.com/${context.tid}`,
navigateToLoginRequestUrl: false,
},
cache: {
cacheLocation: "sessionStorage",
},
};
const msalInstance = new window.msal.PublicClientApplication(msalConfig);
await msalInstance.initialize();
msalInstance
.handleRedirectPromise()
.then((tokenResponse) => {
if (tokenResponse !== null) {
microsoftTeams.authentication.notifySuccess(
JSON.stringify({
sessionStorage: sessionStorage,
})
);
} else {
microsoftTeams.authentication.notifyFailure("Get empty response.");
}
})
.catch((error) => {
microsoftTeams.authentication.notifyFailure(JSON.stringify(error));
});
});
});
</script>
</body>
</html>On a Chrome Edge browser the start page and end page pops up but does not ask for credentials and provides access to my page but on Teams desktop app it requests for credentials every time I close and restart the Teams client. I am using the token to authenticate with my GO backend. I followed instructions in [email protected] TeamsUserCredential.getToken results in login required error to match the version of msal-browser package in my react app with the html page's msal-browser script. Since Microsoft no longer provides CDN for version 3.27.0, I downloaded it from NPM package and am hosting it from my url. I am hoping I do not have to rollback to an older version to get the SSO working.
####################################################################
Update: I was able to resolve the issue. The issue was due to the scope for getToken() request. I set the scope to default ("[]") and the SSO worked as expected. I updated the code to below and now the SSO is working as expected.
const {loading,error,data: teamsToken, reload} = useData(async () => {
if (!teamsUserCredential){
setTokenError("No Teams User Credential found");
return;
}
try{
const teamsToken = await teamsUserCredential.getToken("");
setTokenError(null);
return teamsToken;
}catch(error){
if (error.code === "UiRequiredError"){
try{
const scopes = ["access_as_user"];
await teamsUserCredential.login(scopes);
const teamsToken = await teamsUserCredential.getToken("");
setTokenError(null);
navigate("/tab");
return teamsToken;
}catch(loginError){
console.error("Error during login: ", loginError);
throw loginError;
}
}else{
console.error("Error fetching token after login error: ",error);
throw error;
}
}
})
useEffect(() => {
if (teamsToken) {
setToken(teamsToken);
}
if (error) {
setTokenError("Failed to fetch token. Please ensure the pop-up blocker is disabled for this site and refresh the page.");
}
setTokenLoading(loading);
}, [teamsToken, error, loading]);
Solution
I was able to resolve the issue. The issue was due to the scope for getToken() request. I set the scope to default ("[]") and the SSO worked as expected. I updated the code to below, and now the SSO is working as expected.
const {loading,error,data: teamsToken, reload} = useData(async () => {
if (!teamsUserCredential){
setTokenError("No Teams User Credential found");
return;
}
try{
const teamsToken = await teamsUserCredential.getToken("");
setTokenError(null);
return teamsToken;
}catch(error){
if (error.code === "UiRequiredError"){
try{
const scopes = ["access_as_user"];
await teamsUserCredential.login(scopes);
const teamsToken = await teamsUserCredential.getToken("");
setTokenError(null);
navigate("/tab");
return teamsToken;
}catch(loginError){
console.error("Error during login: ", loginError);
throw loginError;
}
}else{
console.error("Error fetching token after login error: ",error);
throw error;
}
}
})
useEffect(() => {
if (teamsToken) {
setToken(teamsToken);
}
if (error) {
setTokenError("Failed to fetch token. Please ensure the pop-up blocker is disabled for this site and refresh the page.");
}
setTokenLoading(loading);
}, [teamsToken, error, loading]);- Microsoft Graph API Error: 'Request payload cannot be null' when Creating Online Meeting"
- How can I make the mic mute key work in MS Teams with Autohotkey?
- Azure Bot Framework - MS Team integration - Voice capability
- Using Bicep to enable the calling functions of MSTeams channel in Azure Bot Services
- How to retrieve attendance reports from Teams Meetings using Application Permissions
- I need to add co-organizer in teams meeting through graph api
- New Microsoft Teams Desktop Client Dev Tools
- [email protected] teamsUserCredential.getToken(scopes) results in login required error
- How to get all messages post by person in team channels using power apps in teams
- How to create chart in power apps which shows number of post done by team member in teams channel?
- How can I paste Markdown in Microsoft Teams?
- Using MS Graph Api to create Group matching suffix requirements
- Unable to trigger Power Automate flow using python script
- What are the package name for google meet in Android and iOS?
- How to use the exachangeId in the meetingReference attachment of chatMessageAttachment
- Error 500 while creating Azure DevOps server connector in Microsoft teams
- Displaying response to user from bot in different color in Teams
- The navigation bind for the user was missing when creating Team using micorsoft graph api
- Need deep link into Teams App into Approvals App and put my users right on their "received" approvals view
- Export app registrations with expiring secrets and certificates and send alert in teams
- Link to private/shared channels in Microsoft Teams
- MS Teams outgoing webhook HMAC authentication
- How to get Microsoft Teams card to display correctly
- Need to send azure devops widget dashboard in MS teams
- Power Automate: Teams Workflow Not Working
- Using Teams App Test Tool with Bot Framework Sdk
- Adaptive Card: What is the best way to display an arbitrary JSON object?
- How do I send a message to myself with PowerAutomate?
- Microsoft Cards for incoming webhook arrive empty in teams
- Teams AI Library - JS - Send proactive message