-
Notifications
You must be signed in to change notification settings - Fork 195
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bot-based message extension authentication with external browser #2304
Comments
Thanks for raising your query, we will investigate it and get back to you. |
Hii @onmomo Could you please share repro steps or a short vedio for your issue and manifest to test it from our end? |
@Vikram-MSFT Interestingly, I tried to reproduce the issue with Teams 2.0 on MacOS (Version 24091.213.2852.3731 (24091.213.2852.3731)) but I was not able to, seems resolved at least for MacOS. I don't really understand why this should have changed out of a sudden, though google-auth-teams-ios.movHere are the resources google is referring to for the error
As far as we understand the issue, Teams for mobile should not leverage the embedded WebViews but open the native system browser instead to run the authentication flow with Google. |
Hello @onmomo You can also refer this sample:https://github.com/OfficeDev/Microsoft-Teams-Samples/tree/main/samples/tab-external-auth/csharp |
@Vikram-MSFT thanks for your response. As mentioned, I implemented isExternal for our personal tab and also contributed to the referenced docs, to allow a successful implementation of isExternal. |
Hello @onmomo |
@Vikram-MSFT do you have any update on this one? |
While implementing bot-based message authentication flow, we noticed that the authentication flow is triggered with the embedded browser of the Teams Desktop client. Using an embedded browser is not supported by Google anymore. It fails with "Error 403, disallowed_useragent" due to the authentication running in the embedded browser, which is a actually a security risk.
For our personal tab app, we implemented the authentication leveraging the isExternal: true flag, which resolves this issue for personal tab apps.
This is how we respond with our query and action message extensions to trigger the authentication flow in the embedded browser. We are following this guide for adding third party authentication to message extension.
Please advise how we can trigger this flow on the external system browser in order to resolve this?
The text was updated successfully, but these errors were encountered: