I am showing a wordpress website in iframe inside Microsoft teams Tabs. is there any way to detect the loggedIn user in my website?
If you are able to wrap your website inside a Teams app (which you can do for example very easily using App Studio, then you could surface your website as a "Tab" app. Doing this means you can reference the Teams JS library in your code, which will enable you to get a context object. You can get a lot of user information from that.
Be aware though that this context is not really 'trusted' data (it's just inserted via Javascript), so it could be spoofed into your page by a malicious actor. If that's a problem, you should look to implement Tab SSO in your app, which will give you a proper JWT token that you can validate.
Related
I'm making a custom tab app of MS Teams with ASP.NET, however, the tab doesn't seem to pass a same cookie between requests on MS Teams. So the ASP.NET app behind the tab generates a new Session.SessionID on every request.
I've checked the following question, and tried some settings according to that page, but nothing helped me. Actually my web site works nicely if I navigate it via Chrome or Edge.
ASP.NET: Session.SessionID changes between requests
How do I get a same cookie between requests on MS Teams?
I've not tested this specifically so haven't seen it, but basically the broad idea of session is to have to uniquely "remember" a user, and then restore State for them from a location (e.g. database). From your question, it seems like the out of box "Session" object is giving trouble, but at any rate you should probably avoid using it because it won't "remember" the user even across devices.
However, Teams provides you a way to achieve the same thing yourself quite easily. Remember that the Teams 'Context' object provides a userObjectId property that is unique and valid for the same user on all sessions on all devices (it's actually their Azure Active Directory id). You can simply store whatever you want in your own database, key'ed by this id, and request it on page load. It's also possible to get this from the querystring for a static (personal) tab if you want to handle the behaviour server-side (e.g. C#).
I'm planning to build a custom application for Ms Teams and I wanted the app to have an 'Administration' context, reserved for some users, with charts and records management that the rest of the users wouldn't be able to see. Is there a way to accomplish this?
Is it possible to hide tabs depending on a user profile? Is there another way to accomplish this on teams?
Tks
Inside your tab you can do whatever you want - it's just a custom web app/page. The only "restriction" aside from a normal web app, is that it must implement the Teams javascript library - see here for more. However, once you've implemented that library, you can get the Teams context, which includes the user's Azure AD Id and also UPN, and you could use one or both of those to do a lookup against your database, determine the user's role, and show/hide UI elements accordingly.
However, I think you might be asking about whether the entire Tab -itself- (i.e. even the tab item inside the Teams client) can be hidden from other users. To do this, an option is to use a "private channel", just for the relevant users, and pin the tab inside there only.
I need to connect my web app to Microsoft Teams.
If a client connects to my website, he will see the chats or make video calls in a part of the view and in the other one, I could have whatever.
I have been seen the graph API but it's not exactly that, because when I create an online meeting, the response returns me a link to Microsoft Teams web.
Finally, if I try to encapsulate this response inside an iframe, I get the next error:
Image
In resume, it would be like an Microsoft teams client embedded into my website, is it possible?
Thanks you.
Why would you want to implement Teams client embedded inside your web page. Just a link on a page to https://teams.microsoft.com gets you to the full app.
If you implement all the functionality inside embedded view, then things would become squashed into a smaller space than needed.
I am following the tutorial located here: https://developer.xamarin.com/guides/xamarin-forms/cloud-services/authentication/oauth/
I got to the step titled: Presenting the Sign-In User Interface.
It says that, "When the Login method is invoked, the sign-in user interface is presented to the user in a tab from the device's web browser."
Now is this really the process when using Xamarin?
Because the other apps I've downloaded and played with don't open the browser and then open a new tab to give me a choice of which account to choose. Those apps pop up a small page on top of the app and allows me to select an account.
If this Xamarin process is different I am not going to use it when developing my app. Please clear this up for me thanks.
There is no such thing as as "Xamarin's way of oAuth".
oAuth is about authenticating users through 3rd parties like Google, Facebook, Twitter etc. There are different oAuth flows which are mostly used: the implicit grant and the authorisation code grant. For mobile apps the implicit flow is common because auth code flow involves the app keeping a secret which a mobile cannot really guarantee. For a great overview of these flows I can recommend this lecture from Xamarin.University.
These flows are the same no matter which underlying development stack you are using.
The documentation you are referring to is using a library to help using these flows: Xamarin.Auth. As a matter of fact you don't have to use this library at all. This library helps with storing tokens, sending requests that include the required tokens, detect endpoint redirects etc. Part of using this library is presenting the UI where the 3rd party vendors login form is shown.
This is what you do when calling:
var presenter = new Xamarin.Auth.Presenters.OAuthLoginPresenter();
presenter.Login(authenticator);
The actual implementation of presenting the UI is platform specific. On iOS the UI os shown modally if that's how you are coding it. If you change this code to show the UI as a small popup floating on top of existing content, you can of course do this. This is true for any given platform.
I'm trying to get my Cortana Skill (from a Web based Bot) to play a specific album on Groove.
Playing the album can be achieved with a Deep Link like this one, although if you try it you will probably just launch the Windows Store.
That happens because that link requires you to be authenticated in the music.microsoft.com endpoint. But invoking the Deep Link from Cortana's LaunchUri laves no room for setting an Authorization header, so there's really no way to guarantee that the user will be have previously authentified.
Is it possible to make this work seamlessly by persisting the auth token and passing it through Cortana somehow?