OfficeDev / Microsoft-Teams-Samples

Welcome to the Microsoft Teams samples repository. Here you will find task-focused samples in C#, JavaScript and TypeScript to help you get started with the Microsoft Teams App!
MIT License

SSO samples don't work due to 'X-Frame-Options' set to 'deny' #1306

Open abenadar opened 1 week ago

abenadar commented 1 week ago

I set up the TabGraphToolkit sample according to its guidelines. However, the tab did not load in the desktop client. Trying the web clients in different browsers yielded similar results. While the error messages in Firefox and Edge were less useful, Chrome logged the following:

Refused to display 'https://login.microsoftonline.com/'in a frame because it set 'X-Frame-Options' to 'deny'.

If tabs require calling the log-in in an i-frame but MS refuses this, how would that even work? Am I missing something?

Meghana-MSFT commented 1 week ago

Thank you for reporting this, we will set up the sample (https://github.com/OfficeDev/Microsoft-Teams-Samples/tree/main/samples/tab-graph-toolkit) and get back to you.

Meghana-MSFT commented 1 week ago

@abenadar - We checked this at our end by setting up the tab-graph-toolkit csharp sample. It is working fine at our end. Login was successful. Could you please let us know if you are facing this issue with nodejs sample?

abenadar commented 1 week ago

@Meghana-MSFT Thanks for looking into this. In the meantime I've been setting up the TAB-SSO sample as well, only to hit the same issue. However, since this sample works outside of Teams I could prompt a log-in to receive the following message:

AADSTS50194: Application '*****'(Teams (SSO)) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.

I couldn't find an explicit call to the common endpoint but perhaps the issues are related. Note that I'm specifically trying to set up a single tenant app.

I used the C# template in both cases. The manifest template couldn't be used due to neither Teams nor the Developer Portal understanding the old schema, but I don't think that's the issue.

Does the nodejs implementation not operate on I-frames or why do you suspect different results here?

Meghana-MSFT commented 1 week ago

There is no difference in nodeJS & C#. Since C# sample was working fine, we just wanted to confirm there is no code issue in nodeJs.

Regarding the above error in Tab-SSO sample, could you please change "TenantId"(https://github.com/OfficeDev/Microsoft-Teams-Samples/blob/ba3848040cb598920e0f2baa2b52d8ed482b2e16/samples/tab-sso/csharp/TeamsTabSSO/appsettings.json#L4C3-L4C17) from common to your tenant id and check once?

abenadar commented 1 week ago

@Meghana-MSFT

I had the parameter changed from the very start:


  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "TenantId": "27331141-*******************************",
    "ClientId": "4ece35fe-******************************",
    "AppSecret": "e3ad88a6-*******************************",
    "ApplicationIdURI": "api://*************.euw.devtunnels.ms/4ece35fe-*******************************/access_as_user",
    "AuthUrl": "/oauth2/v2.0/token",
    "ValidIssuers": "https://login.microsoftonline.com/27331141-**********************************/v2.0,https://sts.windows.net/27331141-********************************************/"
  },

I have no idea why the prompt suggests otherwise, also couldn't find another call in the source code. Perhaps an issue with the Azure configuration but I double-checked it being aligned with the guidelines.
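A way to sanity-check an `AzureAd` settings block shaped like the one posted above for the condition AADSTS50194 describes, as an added example that is not part of the thread or of the sample's code. The function name `checkAzureAdConfig`, the finding strings and the tenant GUID are constructed for illustration.

```javascript
// Added example: checks an "AzureAd" settings block (shape taken from the
// thread) for a multi-tenant authority alias and for issuer/tenant mismatch.
const MULTI_TENANT_ALIASES = new Set(["common", "organizations", "consumers"]);
const GUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

function checkAzureAdConfig(cfg) {
  const findings = [];
  const tenant = String(cfg.TenantId || "").trim();
  const instance = String(cfg.Instance || "");

  if (!instance.startsWith("https://")) {
    findings.push("Instance is not an https:// URL");
  }
  if (MULTI_TENANT_ALIASES.has(tenant.toLowerCase())) {
    findings.push(`TenantId "${tenant}" is a multi-tenant alias; a single-tenant app needs its tenant GUID`);
  } else if (!GUID.test(tenant)) {
    findings.push("TenantId is neither a GUID nor a known alias");
  }

  // The first path segment of each issuer is the tenant that issued the token.
  for (const raw of String(cfg.ValidIssuers || "").split(",")) {
    const issuer = raw.trim();
    if (!issuer) continue;
    let seg;
    try {
      seg = new URL(issuer).pathname.split("/").filter(Boolean)[0] || "";
    } catch {
      findings.push(`ValidIssuers entry is not a URL: ${issuer}`);
      continue;
    }
    if (seg.toLowerCase() !== tenant.toLowerCase()) {
      findings.push(`Issuer tenant "${seg}" does not match TenantId`);
    }
  }
  // The authority the app would sign in against with these settings.
  return { authority: instance.replace(/\/+$/, "") + "/" + tenant, findings };
}

// Constructed sample values (not taken from the thread).
const TENANT = "11111111-2222-3333-4444-555555555555";
const good = {
  Instance: "https://login.microsoftonline.com/",
  TenantId: TENANT,
  ValidIssuers: `https://login.microsoftonline.com/${TENANT}/v2.0,https://sts.windows.net/${TENANT}/`,
};
const bad = { ...good, TenantId: "common" };
console.log(checkAzureAdConfig(good), checkAzureAdConfig(bad));
```

A clean result covers only this settings block; it says nothing about authorities built elsewhere in the app or about the app registration itself.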

abenadar commented 1 week ago

@Meghana-MSFT Update: I set up the sample using node mentioned above from a different tenant. I receive the same error mentioning multi-tenancy, but I can reproduce this in Teams now too. Setting up the app as multi-tenant may be worth a shot. However, I can't figure out what exactly the MPN ID is nor do I see it in the Partner Center. Do I need to set up an Azure AI Cloud Partnership for this?

Meghana-MSFT commented 1 week ago

MPN ID is used to identify the organization, however it is optional. https://learn.microsoft.com/en-us/microsoftteams/platform/resources/schema/manifest-schema#:~:text=terms%20of%20use.-,mpnId,-10%20characters

abenadar commented 1 week ago

@Meghana-MSFT It's not optional for setting up multi-tenant sign-in in the Azure registration.

I set up an Azure AI Cloud Partner partnership and tried the associated IDs but apparently those are not the right ones. Currently I don't know what else to troubleshoot.

Wajeed-msft commented 3 days ago

MPN Id is associated with https://partner.microsoft.com/en-US/ account. You can find your Partner ID by navigating to: Settings > Account settings > Identifiers

abenadar commented 3 days ago

> MPN Id is associated with https://partner.microsoft.com/en-US/ account. You can find your Partner ID by navigating to: Settings > Account settings > Identifiers

The only identifiers mentioned there were:

> Windows publisher ID
> Windows phone publisher ID
> Symantec ID

I registered with the Azure AI Cloud Partner program as suggested by the most helpful answer given here and found the correct ID. However, registering it does not work yet due to lacking permissions (the app is registered with a different account than the MPN ID). Haven't found the exact cause yet.

Be mindful that multi-tenant log-in is not even what I want to achieve. I'm doing all this just to troubleshoot the issue from above.