Allow Azure service principal to update MS Teams developer portal app

[g-dx]

Is your feature request related to a problem? Please describe. I'd like to ensure the MS Teams Developer Portal application definition is always in-sync with the application manifest I have stored in my Git repository.

To do this I'd like to setup a CI/CD pipeline to call the following Teams Toolkit CLI command when someone modifies the manifest.json file.

npx @microsoft/teamsapp-cli update --env test

Right now this fails because the CLI attempts to open a browser window to login to an M365 account.

Describe the solution you'd like

I'd like the service principal I setup in Azure Active Directory to be sufficient to invoke the update CLI command.

So the following commands should execute successfully in a CI/CD pipeline:

npx @microsoft/teamsapp-cli auth login azure --interactive false --service-principal true --username $CLIENT_ID --password $CLIENT_SECRET --tenant $ILDM_TENANT_ID
npx @microsoft/teamsapp-cli update --env test

Describe alternatives you've considered

There does not appear to be an alternative.

Additional context

[MuyangAmigo]

Hey @g-dx - This is a known issue and we have pushed a fix: https://github.com/OfficeDev/teams-toolkit/pull/11978

This will be included in next beta version of Teams Toolkit CLI, which will be released mid of next week.

[g-dx]

Hey @MuyangAmigo thanks for the response.

However, I had a look at the code in the linked pull request #11978 and it would seem to still require login to M365, just not interactively. My request was that an Azure service principal can update the MS Developer Portal app.

Can you confirm whether this is possible or not?

[MuyangAmigo]

Hey @MuyangAmigo thanks for the response.

However, I had a look at the code in the linked pull request #11978 and it would seem to still require login to M365, just not interactively. My request was that an Azure service principal can update the MS Developer Portal app.

Can you confirm whether this is possible or not?

For M365 account login, it's not possible to use Service Principal, but for Azure account, yes. M365 account supports using ID/Password to login with non-interactive mode.

[microsoft-github-policy-service[bot]]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. It will be closed if no further activity occurs within 3 days of this comment. If it is closed, feel free to comment when you are able to provide the additional information and we will re-investigate.

[microsoft-github-policy-service[bot]]

Due to lack of details for further investigation, we will archive the issue for now. In case you still have following-up questions on this issue, please always feel free to reopen the issue by clicking ‘reopen issue’ button below the comment box. We will get back to you as soon as possible.