We have recently integrated MS teams API so that clients can directly schedule their meetings from our dashboard. The integration worked fine and everything worked when we tested internally. Now however when clients tried to use this integration, they are facing issues.
When they are taken to authorization screen and they approve the request, it says "Sorry, but we're having trouble with signing you in"
and the Troubleshooting details says:
Application with identifier was not found in the director. This can happen if the application has not been installed by the administrator of the tenant...
I've attached screenshot here. The permission/scope we are using are: OnlineMeetings.ReadWrite, offline_access
I already asked this question on MS forum but didn't get any answer there yet. Adding link here: https://learn.microsoft.com/en-us/answers/questions/339273/ms-teams-integration-tenant-administrator-permissi.html
To access the application for other organisation, you need to enable the multi tenant configuration in application registration.You need to enable the multi tenant in azure where you have registered your application. Please check this document for more info.
Related
We are facing issue in Azure chatbot, LUIS is not responding in Test in Web Chat on Azure. Chatbot is working fine Emulator and integration with direct line. My client is testing always from Azure so it is some critical issue for us. We are using Standard LUIS runtime subscription. It would be great if someone can help us. I did below trouble shooting steps.
Subscription key for standard plan and verify keys , it is correct.
Re-deployed
See application Insights error code is 400 only when i run it from Azure Test in Web Chat
I opened MS support ticket for this issue and find same issue was running at support team side as well. There were no code and configuration change after some time it suddenly start functioning.
Thanks
I would like to create a Microsoft Teams chatbot app for a self-hosted service. Each customer will different settings and configurations. These are basic configurations
URL
Token
One app needs to be usable to multiple organizations. When they install it, their URL where the solution lives is an integral part of the app's configuration to connect with it. How do we configure such a setting inside the chat app after the installation? Or Is it possible to configure the settings when installing the chat bot? I see some sample apps but i couldn't see the examples to set the configurations like this.
Posting the Answer for better knowledge
Copying from #Rama-MSFT comments
It's not possible to change the bot URL based on the tenant. This is by design. You can install it to multiple tenant organization by approving it in Application registration in Azure. Please go through this documentation.
I've been following Microsoft's Teams C# tutorials found here, and have been successful for the most part. However, I cannot seem to get my app to work when I host the messaging endpoint myself rather than via their Azure service, which is not an option for me ultimately as the pricing is outrageous for what we need it to do.
I'm hosting the endpoint myself by publishing the sample project and ensuring it's externally available via HTTPS. I can access a custom tab within Teams, so I know that it's online, it's just the messaging endpoint that seems to fail with an "unable to reach app" error when I try and use the messaging extension via a chat window.
When debugging using dev tools, I get 502 error: Bot returned unsuccessful status code Forbidden, error code 1008. Every potential solution I've seen for similar issues hasn't worked for me thus far, though I still feel like it's something incredibly obvious. Are there special steps that need taking when hosting the endpoint yourself? The docs do a very lousy job of explaining the process, probably because Microsoft want you to pay to host the app on Azure.
This is usually caused by the app id / app key not being registered or used correctly in your app, so it's not authenticating to the bot framework service properly. Where/how you do that depends a bit on what sample code / project template you started with, but it's usually somewhere in a .config file (or previously in a .bot file).
The information that you need will be in:
App Id: The Bot Settings page in Azure
App Key: from the Bot settings page, where you got the AppId above, it links to the App registration itself - within there you'll find the section on keys, and you can create a new key (if you've lost the original one)
I know it's generally an error when AppID validation fails. The bot app requests Azure AD to verify the identity.Could your web server access to Azure AD? If you deny to access to outbound with firewall, you should allow Azure IP range.
Turns out it was purely a network issue, that as of yet we still haven't actually figured out. But we tried hosting the app elsewhere and it was fine. That's my recommendation if anyone else has the same problem!
I have been trying to make my application verified for quite some time already. The main problem that I have is that my homepage and other pages(except web hooks for push-notifications and oauth2 flow) are private (because it's dev environment, not prod) and if you try to access them from the Internet, firewall will not allow you doing so.
Considering what I wrote above, I posted OAuth Developer Verification Form with the links to my app that aren't accessible for the external network. Now I got the following message from Google:
Dear Developer,
Thank you for your patience. Please reply back with a test account email and password, so we can experience the user sign-up flow, validate the app services and then proceed with OAuth Verification process.
Please do not hesitate to reach out to us if you have questions or concerns.
Even if I provide the account in my application, Google will not be able to reach the application.
I am sure that there are thousands of applications that have DEV/QA and other environments that aren't accessible from the Internet.
How do you go through verification process?
How do you go through the process in general?
What URLs do you specify in the form? Are they private?
How do you provide user for the Google if you application is not available through the Internet(only web-hooks are available)?
This was so easy for PROD environment, but appears a real nightmare for DEV environments.
Thank you!
I'm new to azure mobile services development and any help will be greatly appreciated.
I have created sample mobile service application and could successfully launch and debug it locally. As a next step I've added google authentication. Everything works fine when the service is Published and running in the cloud. But, I could not make the service to run locally so that I can debug the service for cases when the user is authenticated.
So for I have wrestled with IIS Express and made it work with HTTPS on port 44300. But Google authentication services complained because of redirect URLs mismatch, even though I've added https://localhost:44300/signin-google to redirect list.
I feel like I'm not doing something correct here. Something does not make me believe that debugging locally is not possible.
Thanks,
Ruben
Is possible to debug in localhost, but the google/facebook/Microsoft authentication should not be tested, because it is provided out-of-the-box by Azure Mobile Service team.
you should configure it in Azure Portal and then you should implement it in your application like documentation provides.
The following resources has the references to the Authentication articles:
Azure Mobile Services for Client Apps