search

OfficeDev / microsoft-teams-emergency-operations-center

The Microsoft Teams Emergency Operations Center (TEOC) solution template leverages the power of the Microsoft 365 platform to centralize incident response, information sharing and field communications using powerful services like Microsoft Lists, SharePoint and more.
MIT License
85 stars 33 forks source link

TEOC sign in error #165

Closed BCG-cmori closed 4 months ago

BCG-cmori commented 5 months ago

Hi seems like I might have a misconfiguration in my current configuration somewhere but not sure what exactly was misconfigured.

login error

Application manifest File

{
    "id": "5b56ed52-21c0-4ad3-9823-00c3db736d82",
    "acceptMappedClaims": null,
    "accessTokenAcceptedVersion": 2,
    "addIns": [],
    "allowPublicClient": null,
    "appId": "90cbf851-abf3-4c8a-8d42-8cecc45cbc5f",
    "appRoles": [],
    "oauth2AllowUrlPathMatching": false,
    "createdDateTime": "2024-01-23T14:25:08Z",
    "description": null,
    "certification": null,
    "disabledByMicrosoftStatus": null,
    "groupMembershipClaims": null,
    "identifierUris": [
        "api://teoc01p.azurewebsites.net/90cbf851-abf3-4c8a-8d42-8cecc45cbc5f"
    ],
    "informationalUrls": {
        "termsOfService": null,
        "support": null,
        "privacy": null,
        "marketing": null
    },
    "keyCredentials": [],
    "knownClientApplications": [],
    "logoUrl": null,
    "logoutUrl": null,
    "name": "TEOC",
    "notes": null,
    "oauth2AllowIdTokenImplicitFlow": true,
    "oauth2AllowImplicitFlow": true,
    "oauth2Permissions": [
        {
            "adminConsentDescription": "Allows Teams to call the app’s web APIs as the current user.",
            "adminConsentDisplayName": "Teams can access app’s web APIs",
            "id": "2aa65e3f-e8f4-4e6f-960d-7345df0be882",
            "isEnabled": true,
            "lang": null,
            "origin": "Application",
            "type": "User",
            "userConsentDescription": "Allows Teams to call the app’s web APIs as the current user.",
            "userConsentDisplayName": "Teams can access app’s web APIs",
            "value": "access_as_user"
        }
    ],
    "oauth2RequirePostResponse": false,
    "optionalClaims": {
        "idToken": [],
        "accessToken": [
            {
                "name": "idtyp",
                "source": null,
                "essential": false,
                "additionalProperties": []
            }
        ],
        "saml2Token": []
    },
    "orgRestrictions": [],
    "parentalControlSettings": {
        "countriesBlockedForMinors": [],
        "legalAgeGroupRule": "Allow"
    },
    "passwordCredentials": [
        {
            "customKeyIdentifier": null,
            "endDate": "2025-01-22T14:28:02.121Z",
            "keyId": "dad2ef4e-97aa-4045-90a6-796be0309205",
            "startDate": "2024-01-23T14:28:02.121Z",
            "value": null,
            "createdOn": "2024-01-23T14:28:34.5487237Z",
            "hint": "dYx",
            "displayName": "TEOC Secret"
        }
    ],
    "preAuthorizedApplications": [
        {
            "appId": "00000002-0000-0ff1-ce00-000000000000",
            "permissionIds": [
                "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
            ]
        },
        {
            "appId": "d3590ed6-52b3-4102-aeff-aad2292ab01c",
            "permissionIds": [
                "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
            ]
        },
        {
            "appId": "4765445b-32c6-49b0-83e6-1d93765276ca",
            "permissionIds": [
                "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
            ]
        },
        {
            "appId": "4345a7b9-9a63-4910-a426-35363201d503",
            "permissionIds": [
                "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
            ]
        },
        {
            "appId": "1fec8e78-bce4-4aaf-ab1b-5451cc387264",
            "permissionIds": [
                "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
            ]
        },
        {
            "appId": "5e3ce6c0-2b1f-4285-8d4b-75ee78787346",
            "permissionIds": [
                "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
            ]
        }
    ],
    "publisherDomain": "baltimorecountymd.gov",
    "replyUrlsWithType": [
        {
            "url": "https://teoc01p.azurewebsites.net/blank-auth-end.html",
            "type": "Spa"
        },
        {
            "url": "https://teoc01p.azurewebsites.net/auth-end.html?clientId=90cbf851-abf3-4c8a-8d42-8cecc45cbc5f",
            "type": "Spa"
        },
        {
            "url": "https://teoc01p.azurewebsites.net/auth-end.html",
            "type": "Web"
        }
    ],
    "requiredResourceAccess": [
        {
            "resourceAppId": "00000003-0000-0000-c000-000000000000",
            "resourceAccess": [
                {
                    "id": "0e263e50-5827-48a4-b97c-d940288653c7",
                    "type": "Scope"
                },
                {
                    "id": "5f8c59db-677d-491f-a6b8-5f174b11ec1d",
                    "type": "Scope"
                },
                {
                    "id": "4e46008b-f24c-477d-8fff-7bb4ec7aafe0",
                    "type": "Scope"
                },
                {
                    "id": "e383f46e-2787-4529-855e-0e479a3ffac0",
                    "type": "Scope"
                },
                {
                    "id": "a65f2972-a4f8-4f5e-afd7-69ccb046d5dc",
                    "type": "Scope"
                },
                {
                    "id": "ba47897c-39ec-4d83-8086-ee8256fa737d",
                    "type": "Scope"
                },
                {
                    "id": "65e50fdc-43b7-4915-933e-e8138f11f40a",
                    "type": "Scope"
                },
                {
                    "id": "f45671fb-e0fe-4b4b-be20-3d3ce43f1bcb",
                    "type": "Scope"
                },
                {
                    "id": "2219042f-cab5-40cc-b0d2-16b1540b4c5f",
                    "type": "Scope"
                },
                {
                    "id": "4a06efd2-f825-4e34-813e-82a57b03d1ee",
                    "type": "Scope"
                },
                {
                    "id": "0f4595f7-64b1-4e13-81bc-11a249df07a9",
                    "type": "Scope"
                },
                {
                    "id": "a9ff19c2-f369-4a95-9a25-ba9d460efc8e",
                    "type": "Scope"
                },
                {
                    "id": "539dabd7-b5b6-4117-b164-d60cd15a8671",
                    "type": "Scope"
                },
                {
                    "id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
                    "type": "Scope"
                },
                {
                    "id": "b340eb25-3456-403f-be2f-af7a0d370277",
                    "type": "Scope"
                }
            ]
        }
    ],
    "samlMetadataUrl": null,
    "signInUrl": null,
    "signInAudience": "AzureADMyOrg",
    "tags": [],
    "tokenEncryptionKeyId": null
}
sanjaymittaluk commented 5 months ago

Hi seems like I might have a misconfiguration in my current configuration somewhere but not sure what exactly was misconfigured.

login error

Application manifest File

{
  "id": "5b56ed52-21c0-4ad3-9823-00c3db736d82",
  "acceptMappedClaims": null,
  "accessTokenAcceptedVersion": 2,
  "addIns": [],
  "allowPublicClient": null,
  "appId": "90cbf851-abf3-4c8a-8d42-8cecc45cbc5f",
  "appRoles": [],
  "oauth2AllowUrlPathMatching": false,
  "createdDateTime": "2024-01-23T14:25:08Z",
  "description": null,
  "certification": null,
  "disabledByMicrosoftStatus": null,
  "groupMembershipClaims": null,
  "identifierUris": [
      "api://teoc01p.azurewebsites.net/90cbf851-abf3-4c8a-8d42-8cecc45cbc5f"
  ],
  "informationalUrls": {
      "termsOfService": null,
      "support": null,
      "privacy": null,
      "marketing": null
  },
  "keyCredentials": [],
  "knownClientApplications": [],
  "logoUrl": null,
  "logoutUrl": null,
  "name": "TEOC",
  "notes": null,
  "oauth2AllowIdTokenImplicitFlow": true,
  "oauth2AllowImplicitFlow": true,
  "oauth2Permissions": [
      {
          "adminConsentDescription": "Allows Teams to call the app’s web APIs as the current user.",
          "adminConsentDisplayName": "Teams can access app’s web APIs",
          "id": "2aa65e3f-e8f4-4e6f-960d-7345df0be882",
          "isEnabled": true,
          "lang": null,
          "origin": "Application",
          "type": "User",
          "userConsentDescription": "Allows Teams to call the app’s web APIs as the current user.",
          "userConsentDisplayName": "Teams can access app’s web APIs",
          "value": "access_as_user"
      }
  ],
  "oauth2RequirePostResponse": false,
  "optionalClaims": {
      "idToken": [],
      "accessToken": [
          {
              "name": "idtyp",
              "source": null,
              "essential": false,
              "additionalProperties": []
          }
      ],
      "saml2Token": []
  },
  "orgRestrictions": [],
  "parentalControlSettings": {
      "countriesBlockedForMinors": [],
      "legalAgeGroupRule": "Allow"
  },
  "passwordCredentials": [
      {
          "customKeyIdentifier": null,
          "endDate": "2025-01-22T14:28:02.121Z",
          "keyId": "dad2ef4e-97aa-4045-90a6-796be0309205",
          "startDate": "2024-01-23T14:28:02.121Z",
          "value": null,
          "createdOn": "2024-01-23T14:28:34.5487237Z",
          "hint": "dYx",
          "displayName": "TEOC Secret"
      }
  ],
  "preAuthorizedApplications": [
      {
          "appId": "00000002-0000-0ff1-ce00-000000000000",
          "permissionIds": [
              "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
          ]
      },
      {
          "appId": "d3590ed6-52b3-4102-aeff-aad2292ab01c",
          "permissionIds": [
              "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
          ]
      },
      {
          "appId": "4765445b-32c6-49b0-83e6-1d93765276ca",
          "permissionIds": [
              "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
          ]
      },
      {
          "appId": "4345a7b9-9a63-4910-a426-35363201d503",
          "permissionIds": [
              "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
          ]
      },
      {
          "appId": "1fec8e78-bce4-4aaf-ab1b-5451cc387264",
          "permissionIds": [
              "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
          ]
      },
      {
          "appId": "5e3ce6c0-2b1f-4285-8d4b-75ee78787346",
          "permissionIds": [
              "2aa65e3f-e8f4-4e6f-960d-7345df0be882"
          ]
      }
  ],
  "publisherDomain": "baltimorecountymd.gov",
  "replyUrlsWithType": [
      {
          "url": "https://teoc01p.azurewebsites.net/blank-auth-end.html",
          "type": "Spa"
      },
      {
          "url": "https://teoc01p.azurewebsites.net/auth-end.html?clientId=90cbf851-abf3-4c8a-8d42-8cecc45cbc5f",
          "type": "Spa"
      },
      {
          "url": "https://teoc01p.azurewebsites.net/auth-end.html",
          "type": "Web"
      }
  ],
  "requiredResourceAccess": [
      {
          "resourceAppId": "00000003-0000-0000-c000-000000000000",
          "resourceAccess": [
              {
                  "id": "0e263e50-5827-48a4-b97c-d940288653c7",
                  "type": "Scope"
              },
              {
                  "id": "5f8c59db-677d-491f-a6b8-5f174b11ec1d",
                  "type": "Scope"
              },
              {
                  "id": "4e46008b-f24c-477d-8fff-7bb4ec7aafe0",
                  "type": "Scope"
              },
              {
                  "id": "e383f46e-2787-4529-855e-0e479a3ffac0",
                  "type": "Scope"
              },
              {
                  "id": "a65f2972-a4f8-4f5e-afd7-69ccb046d5dc",
                  "type": "Scope"
              },
              {
                  "id": "ba47897c-39ec-4d83-8086-ee8256fa737d",
                  "type": "Scope"
              },
              {
                  "id": "65e50fdc-43b7-4915-933e-e8138f11f40a",
                  "type": "Scope"
              },
              {
                  "id": "f45671fb-e0fe-4b4b-be20-3d3ce43f1bcb",
                  "type": "Scope"
              },
              {
                  "id": "2219042f-cab5-40cc-b0d2-16b1540b4c5f",
                  "type": "Scope"
              },
              {
                  "id": "4a06efd2-f825-4e34-813e-82a57b03d1ee",
                  "type": "Scope"
              },
              {
                  "id": "0f4595f7-64b1-4e13-81bc-11a249df07a9",
                  "type": "Scope"
              },
              {
                  "id": "a9ff19c2-f369-4a95-9a25-ba9d460efc8e",
                  "type": "Scope"
              },
              {
                  "id": "539dabd7-b5b6-4117-b164-d60cd15a8671",
                  "type": "Scope"
              },
              {
                  "id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
                  "type": "Scope"
              },
              {
                  "id": "b340eb25-3456-403f-be2f-af7a0d370277",
                  "type": "Scope"
              }
          ]
      }
  ],
  "samlMetadataUrl": null,
  "signInUrl": null,
  "signInAudience": "AzureADMyOrg",
  "tags": [],
  "tokenEncryptionKeyId": null
}

I think you need to check that the Manifest code is updated and correct as per the documentation

BCG-cmori commented 5 months ago

I have and I am not seeing anything that's misconfigured. Where should I check to see if it is misconfigured?

BCG-cmori commented 5 months ago

Issue literally just resolved itself. However I am having issues submitting the incidents :(

new error

BCG-cmori commented 5 months ago

Here are some screenshots of the groups policy. However I do not want to remove the Naming Policy.

Group Settings

General Settings

sanjaymittaluk commented 5 months ago

Issue literally just resolved itself. However I am having issues submitting the incidents :(

new error

I am waiting for a response for the very same problem. I think there is an issue; Perhaps you can attach the console log and tracers for the admins to look and then you can take it from there.

v-saikirang commented 5 months ago

Hi @BCG-cmori , @sanjaymittaluk

There is a known issue with one of the graph end points causing the incident creation to fail. We are working with the team and this is expected to be resolved ASAP. We will keep you posted. Thanks for your patience on this.

Thanks.

sanjaymittaluk commented 5 months ago

There is a known issue with one of the graph end points, causing the incident creation to fail. We are working with the team and this is expected to be resolved ASAP. We will keep you posted. Thanks for your patience on this.

thank you. much appreciated.

BCG-cmori commented 5 months ago

Hi just wanted to follow up on this to see if there has been any progress and if there is an estimate when they might be fixed? Thanks for your help.

v-saikirang commented 5 months ago

Hi @BCG-cmori,

It is expected to be resolved by Jan 31st. We will keep you posted.

Thanks.

BCG-cmori commented 5 months ago

Great thanks!

BCG-cmori commented 5 months ago

Hi just wanted to follow up on this to see if we have any good news?

v-asshrirao commented 5 months ago

@BCG-cmori, Thank you for your patience on this. We have released the hotfix for this issue. Request you to kindly sync the code by following steps mentioned in this link

If you are still getting the issue we suggest you to clear cache and try again.

BCG-cmori commented 5 months ago

Awesome thank you! I will work on this and follow up if we run into any issues.

v-asshrirao commented 5 months ago

@BCG-cmori, We will close this ticket now. In case of any issue, you can reopen this or create new ticket. Thank you.

BCG-cmori commented 5 months ago

Hi

I did the sync and cleared cache in my browser but doesn't seem to be working yet. Do I need do anything else besides those items?

v-asshrirao commented 5 months ago

@BCG-cmori, Can you please confirm if sync was successful. Please share the screenshot of deployment logs from App Service > Deployment Center > Logs If sync is successful, can you please try to open teams in different browser, may be the one which you have not used or in Teams client. If you are still facing the issue, request you to kindly share the console logs and network trace.

BCG-cmori commented 5 months ago

Yeah i have waited 24 hours now and tried different browsers and I am still getting an error when i try to submit a new incident. I also looked at the developer console logs and looks like its specific to the prefix we force on new groups. Do we need to disable that or is there a way for TEOC to follow the prefix we have set?

teoc-screenshot-sync teoc-screenshot-sync-2

v-asshrirao commented 5 months ago

@BCG-cmori, Thank you for sharing the details. Group naming policy needs to be disabled for TEOC then only incident creation will succeed. At present, TEOC application will not follow custom prefix.

microsoft-github-policy-service[bot] commented 4 months ago

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.