Reputation: 868
Azure AD authentication not working as expected for mobile devices
I have built an authentication system for Microsoft Teams tab -( angular application) using Authentication for tabs using Azure Active Directory - Teams and it is working fine on desktop (app and browser) but when I am trying to run on the mobile app and then press Authenticate(seen below in image) button it takes me to the sign-in popup after signing in it returns back to same authenticate page.
Now, when I try it a second time it lands me on the page where I want to but with missing data and also, not as responsive it should be.
The below screenshots taken from the iOS device will help further: I am on Version: 2.4.0
Desktop View:
Major Queries:
Is the Azure AD (https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-tab-aad) authentication will not work for mobile devices?
If I switch to a Single sign-on(https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-aad-sso) , are there any limitations to using it and also, will it support all the platforms ?
Upvotes: 0
Views: 694
Answers (1)
Reputation: 646
- Is the Azure AD (https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-tab-aad) authentication will not work for mobile devices?
It should work on mobile devices.
- If I switch to a Single sign-on(https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-aad-sso) , are there any limitations to using it and also, will it support all the platforms ?
Single sign-on doesn't solve anything because if it fails you have to fallback to the default auth flow.
Looks like this is an angular issue, not a Microsoft's auth issue. The problem is interesting because in general it is working but from the second attempt.
I think it might be the issue with synchronization, when some part of the code is running outside of the Angular but is trying to do something with the variables in the Angular's zone.
I don't know how exactly microsoftTeams.getContext and microsoftTeams.authentication.authenticate work but they are async and if they use setInterval/setTimeout they definitely will work outside of your Angular app. And if they set data into your angular variables you will have the issues like you described.
So that's what happens in my opinion:
- You are clicking auth button, everything is fine you are redirected, authenticated and redirected back to your final page.
- On that final page your app is trying to save your token into the local angular variable.
- Code that is setting the token works outside the Angular and Angular doesn't see this change. So from the angular's perspective nothing has changed, you are still not authenticated.
- Your app is redirecting you to your private page, Angular doesn't see token and redirects you back to the auth page.
- <Here something happend, for example ChangeDetectorRef.detectChanges, or other sync things>.
- You click auth again and you end up authenticated on your private page, but without the apiKey and UserID (which have the same issue as token)
So to fix this you need to notify angular manually by using ChangeDetectorRef.detectChanges or wrap your async code with the NgZone.run.
Upvotes: 1
Related Questions
- Why does authentication not go through in MS Teams Bot app?
- MS Graph api user authentication failing
- Custom Teams app with Azure authenticaton doesn't work in Teams desktop app
- Unable to obtain access token for calling Microsoft Graph APIs
- Azure AD only generates invalid Access Token to use with Microsoft Graph
- Authentication from mobile devices with OpenID Connect / Azure AD not working with Microsoft Graph API
- Microsoft graph and Azure Ad user authentication
- Azure AD V1 endpoint registered native app: Graph API consent given but user can't get through
- Azure AD: Requesting a token using device code failed with 401
- Azure AD Graph API - Getting token on iOS/Android