Hi all,
as stated here "SSO is only supported on the live website publication channel."
Does a roadmap exist for the SSO integration in the other channels, especially in Teams?
When can we expect new releases?
Thanks,
Alessandro.
This is the default behavior and will prompt you for login just the first time in Teams. After that the credentials will be cached in Teams and there is no need to log in again. You will not be able to change this behavior within Teams. In my case I had the bot deployed to a web page and hence the custom code uses MSAL to avoid this login prompt.
@Anonymous, I broke my test bot trying to
@nk1ng All the steps that are mentioned in this thread are for custom web pages and not Teams. For Teams it is out of the box. You do not need to do anything with Teams. Not even SSO configuration. Teams will prompt for the login once and it will be stored in the Teams cache until you clear the cache. Not sure what error you are getting when you try to deploy the bot to Teams. Can you share a screenshot?
Basically, @Anonymous, do I need to start over with a new VB/ngrok bot or is it possible to use SSO on Teams without custom code and just use my PowerVA bot?
Just in Teams, @Anonymous. I don't need the web side of it, do I still need to write custom code for SSO?
Also trying to walk through YouTube videos on that, but it's always using ngrok/VB and always using Multitenant.
Need to change that too?
@nk1ng I understand that. Where are you hosting your bot - in Teams or in a web page? If it is an external web page then every time you open the page the bot will prompt you for login and password. If you want to avoid that then you will have to write custom code.
Also I am not using ngrok/VB code, my bot is straight PowerVA. I am struggling with that, I don't have any "code" to modify? Does that make a difference?
So on this tutorial: https://docs.microsoft.com/en-us/power-virtual-agents/configure-sso-teams
Where is the second client ID? I am just trying to set up SSO on Teams not the web, I still need the second client?
It is not a custom logon card. The Direct Line API requires a user to communicate with the bot. The MSAL code that I mentioned checks for any token and, if there is none, tries to get a new user token. If the page hosting the bot is in M365 then the single sign-on will be seamless without any login prompt. If not, then the user will be prompted to type in a user name and password. In my case I was hosting this bot within an SP Online page and hence the MSAL login was seamless. The login card is provided internally by Azure AD and there is no need to build any card for that.
    directLine.postActivity({
      type: 'invoke',
      name: 'signin/tokenExchange',
      value: {
        id: activity.attachments[0].content.tokenExchangeResource.id,
        connectionName: activity.attachments[0].content.connectionName,
        token,
      },
      "from": {
        id: userID,
        name: userEmailAddress,
        role: "user"
      }
    }).subscribe(
      id => {
        if (id === 'retry') {
          document.location.reload();
          // bot was not able to handle the invoke, so display the oauthCard
          //return next(action);
        }
        // else: tokenexchange successful and we do not display the oauthCard
      },
      error => {
        debugger;
        // an error occurred to display the oauthCard
        return next(action);
      }
    );
In this code the UserID used in the "from" parameter is the Azure AD user ID.
Hope this helps
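A fuller sketch of the token-exchange step described in the post above, as an added example that is not the poster's or Microsoft's code: it looks for the OAuthCard attachment by content type instead of assuming it is `attachments[0]`, takes the `from` identity from the token's own claims, and returns `null` when the caller should fall back to showing the sign-in card. The helper names are hypothetical, and reading the Azure AD user ID from the `oid` claim is an assumption; it runs under Node (in a browser, decode with `atob` instead of `Buffer`).

```javascript
// Added example: helper names and sample values are constructed, not from the thread.
const OAUTH_CARD = 'application/vnd.microsoft.card.oauth';

// Decode the JWT payload WITHOUT verifying the signature. It is only used to read
// identity claims for the "from" field; validating the token is the service's job.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Return the OAuthCard content if the activity carries one that supports token exchange.
function findExchangeableCard(activity) {
  const attachments = (activity && activity.attachments) || [];
  const card = attachments.find(a => a.contentType === OAUTH_CARD);
  const content = card && card.content;
  if (!content || !content.tokenExchangeResource || !content.tokenExchangeResource.id) {
    return null;
  }
  return content;
}

// Build the signin/tokenExchange invoke, or null when the card should be displayed.
function buildTokenExchangeInvoke(activity, token) {
  const content = findExchangeableCard(activity);
  if (!content || !token) return null;
  const claims = decodeJwtPayload(token);
  if (!claims.oid) return null; // assumption: oid carries the Azure AD user ID
  return {
    type: 'invoke',
    name: 'signin/tokenExchange',
    value: {
      id: content.tokenExchangeResource.id,
      connectionName: content.connectionName,
      token,
    },
    from: {
      id: claims.oid,
      name: claims.preferred_username || claims.upn || '',
      role: 'user',
    },
  };
}
```

The returned object is what would be passed to `directLine.postActivity(...)`; a `null` result corresponds to the `return next(action)` path in the posted code.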
So I need to build a custom logon card and publish it somewhere for SSO in Teams to work, and without that it won't work, correct?
-n