cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

How to configure SSO on a intranet page (SharePoint)

Hi,

 

I have been trying to configure SSO on our organization SharePoint website using PVA. But I don't see it to be working. I have been referring to the below URLs:

 

SSO doc 

https://docs.microsoft.com/en-us/power-virtual-agents/configure-sso#:~:text=Power%20Virtual%20Agents....

 

GitHub Sample code doc

https://github.com/microsoft/PowerVirtualAgentsSamples/blob/master/BuildYourOwnCanvasSamples/3.singl...


I have created a HTML file adding the SSO code provided from the above doc and published in the SharePoint website. I do not wish to see the login sign in card which asks to pass the token rather I need to Sign-in directly once I click the Chatbot button.

 

pva1.png

 

I have also posted regarding the same in the past as well. But no luck. Any help is much appreciated. 

 

Regards,

Hemanth

1 ACCEPTED SOLUTION

Accepted Solutions
Anonymous
Not applicable

Hi @Anonymous 

 

Not sure if you are still facing issue with SSO working. I have got this issue fixed on my end and would like to share some inputs on that

 

1) I have seen the behavior of SSO and login that shows up in PVA bot is not consistent among browsers. Also you may be aware that the login status is stored in local stroage/session as specified in the MSAL.

 

2) I also saw that the code in github had issues related to how userId is passed. The particular line that was causing this login to come was this one below:

 

var userID = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ?
("<Prefix>" + clientApplication.account.accountIdentifier).substr(0, 64) :
(Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

 

The userID is being used in the webchat to pass the UserID and this is supposed to be the User Id from AAD which is not the case with the <Prefix>. I fixed this to pass just the Id and no prefix.

 

var userID = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ?
clientApplication.account.accountIdentifier:
(Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

 

This should take care of passing right UserID

 

if (action.type === 'DIRECT_LINE/CONNECT_FULFILLED')
{
/*
dispatch({
type: 'WEB_CHAT/SEND_EVENT',
payload: {
name: 'startConversation',
type: 'event',
value: {
text: "Hello"
}
}
});
return next(action);
*/
}

 

This is the code that is causing the Login to appear always. One more fix which I did in my case is to force the user login to happen before the webchat is displayed. This will make sure that the user token is created when webchat is initialized and what I have noticed is that after the below MSAL js changes, I never see a Login box in the chat.

 

if (!clientApplication)
{
clientApplication = new Msal.UserAgentApplication(msalConfig);
clientApplication.handleRedirectCallback(authRedirectCallBack);

//Below code will silently try to get token without popup. If there is no login already exists it will throw exception.
//As 2nd step, Login will be forced using LoginRedirect method
var newRequest =
{
scopes: ["user.read", 'openid', 'profile'],
}

clientApplication.acquireTokenSilent(newRequest).then(function(response)
{
//Now get the user display name
let user = clientApplication.getAccount();
document.getElementById("divUser").style.display="block";
document.getElementById("userName").innerHTML = " " + user.name;
}
).catch(function (error)
{
document.getElementById("divUser").style.display="block";
//Now get the user display name
document.getElementById("userName").innerHTML = "Not Logged in";
$('#divPopup').modal({backdrop: 'static',keyboard: false});
setTimeout(function()
{
//Now redirect to URI so that token will be created
clientApplication.loginRedirect(newRequest);

}, 2000);
});
}

 

The above code is trying to get token silently and if that fails it just forces login using redirect. This will make sure that first time user logs in, it will force token to be created and then it will be stored in local storage.

 

After this fix, my bot works fine all the time in the external web page. Hope this helps. Do not hesitate to ask any further questions.

View solution in original post

26 REPLIES 26
Anonymous
Not applicable

Hi @Anonymous 

 

Not sure if you are still facing issue with SSO working. I have got this issue fixed on my end and would like to share some inputs on that

 

1) I have seen the behavior of SSO and login that shows up in PVA bot is not consistent among browsers. Also you may be aware that the login status is stored in local stroage/session as specified in the MSAL.

 

2) I also saw that the code in github had issues related to how userId is passed. The particular line that was causing this login to come was this one below:

 

var userID = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ?
("<Prefix>" + clientApplication.account.accountIdentifier).substr(0, 64) :
(Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

 

The userID is being used in the webchat to pass the UserID and this is supposed to be the User Id from AAD which is not the case with the <Prefix>. I fixed this to pass just the Id and no prefix.

 

var userID = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ?
clientApplication.account.accountIdentifier:
(Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

 

This should take care of passing right UserID

 

if (action.type === 'DIRECT_LINE/CONNECT_FULFILLED')
{
/*
dispatch({
type: 'WEB_CHAT/SEND_EVENT',
payload: {
name: 'startConversation',
type: 'event',
value: {
text: "Hello"
}
}
});
return next(action);
*/
}

 

This is the code that is causing the Login to appear always. One more fix which I did in my case is to force the user login to happen before the webchat is displayed. This will make sure that the user token is created when webchat is initialized and what I have noticed is that after the below MSAL js changes, I never see a Login box in the chat.

 

if (!clientApplication)
{
clientApplication = new Msal.UserAgentApplication(msalConfig);
clientApplication.handleRedirectCallback(authRedirectCallBack);

//Below code will silently try to get token without popup. If there is no login already exists it will throw exception.
//As 2nd step, Login will be forced using LoginRedirect method
var newRequest =
{
scopes: ["user.read", 'openid', 'profile'],
}

clientApplication.acquireTokenSilent(newRequest).then(function(response)
{
//Now get the user display name
let user = clientApplication.getAccount();
document.getElementById("divUser").style.display="block";
document.getElementById("userName").innerHTML = " " + user.name;
}
).catch(function (error)
{
document.getElementById("divUser").style.display="block";
//Now get the user display name
document.getElementById("userName").innerHTML = "Not Logged in";
$('#divPopup').modal({backdrop: 'static',keyboard: false});
setTimeout(function()
{
//Now redirect to URI so that token will be created
clientApplication.loginRedirect(newRequest);

}, 2000);
});
}

 

The above code is trying to get token silently and if that fails it just forces login using redirect. This will make sure that first time user logs in, it will force token to be created and then it will be stored in local storage.

 

After this fix, my bot works fine all the time in the external web page. Hope this helps. Do not hesitate to ask any further questions.

Anonymous
Not applicable

Hi @Anonymous 

 

Thanks a lot for responding back..

 

Yes, I still face issues with SSO. Below is the code that I am using to achieve SSO. I have added the changes that was told by you to my code. I do not want to use the login button since I have already logged into my SharePoint website.

 

<!DOCTYPE html>
<html>
  <head>
    <title>Virtual Agent</title>
    <script src="https://cdn.botframework.com/botframework-webchat/latest/webchat.js"></script>

    <script
      type="text/javascript"
      src="https://alcdn.msauth.net/lib/1.2.0/js/msal.js"></script>

    <script
      src="https://unpkg.com/@azure/storage-blob@10.3.0/browser/azure-storage.blob.min.js"
      integrity="sha384-fsfhtLyVQo3L3Bh73qgQoRR328xEeXnRGdoi53kjo1uectCfAHFfavrBBN2Nkbdf"
      crossorigin="anonymous"></script>

    <script type="text/javascript">
      if (typeof Msal === "undefined")
        document.write(
          unescape(
            "%3Cscript src='https://alcdn.msftauth.net/lib/1.2.0/js/msal.js' type='text/javascript' %3E%3C/script%3E"
          )
        );
    </script>

    <style>
      html,
      body {
        height: 100%;
      }

      body {
        margin: 0;
      }

      .modal {
        display: none; /* Hidden by default */
        position: fixed; /* Stay in place */
        z-index: 1; /* Sit on top */
        padding-top: 100px; /* Location of the box */
        left: 0;
        top: 0;
        width: 100%; /* Full width */
        height: 100%; /* Full height */
        overflow: auto; /* Enable scroll if needed */
        background-color: rgb(0, 0, 0); /* Fallback color */
        background-color: rgba(0, 0, 0, 0.4); /* Black w/ opacity */
      }

      .modal-content {
        background-color: #fefefe;
        margin: auto;
        padding: 10px;
        border: 1px solid #888;
        width: 500px;
        height: 575px;
      }
      .close {
        color: black;
        float: right;
        font-size: 28px;
        font-weight: bold;
      }

      .close:hover,
      .close:focus {
        color: #000;
        text-decoration: none;
        cursor: pointer;
      }

      .main {
        margin: 18px;
        border-radius: 4px;
      }

      div[role="form"] {
        background-color: #3392ff;
      }

      #webchat {
        position: center;
        height: 530px;
        width: 100%;
        top: 60px;
        overflow: hidden;
      }
      #heading {
        padding-bottom: 5px;
      }

      h1 {
        font-size: 14px;
        font-family: Segoe UI;
        font-style: normal;
        font-weight: 600;
        font-size: 14px;
        line-height: 20px;
        color: #f3f2f1;
        letter-spacing: 0.005em;
        display: table-cell;
        vertical-align: middle;
        padding: 13px 0px 0px 20px;
      }

      #login {
        position: fixed;
        margin-left: 150px;
      }

      .span {
        font-weight: bold;
      }
      #myBtn {
        position: fixed;
        float: right;
        outline: none;
        width: 60px;
        height: 80px;
        margin: auto auto auto 10px;
      }
      button:hover {
        background-color: transparent;
      }
    </style>
  </head>
  <body>

    <button id="myBtn" type="button">Power Virtual Agent</button>

    <button id="login" name="login" onclick="onSignInClick()" style="background-color: aliceblue">Log In</button>

    <div id="myModal" class="modal">

      <div class="modal-content" style="background-color: #ffd933">

        <span class="close">&times;</span>
        <div id="chatwindow">
          <div id="heading">
            <span class="span"><strong>Virtual Agent</strong></span>
            <label id="divUser" name="divUser" style="width: 75%; height: 15px; border-color: Transparent"></label>
            <label id="userName" name="userName" style="width: 75%; height: 15px; border-color: Transparent">Not logged in.</label>
          </div>
          <div id="webchat"></div>
        </div>
      </div>
    </div>

    <script>

      var modal = document.getElementById("myModal");
      var btn = document.getElementById("myBtn");
      var span = document.getElementsByClassName("close")[0];
      btn.onclick = function () {
        modal.style.display = "block";
      };
      span.onclick = function () {
        modal.style.display = "none";
      };
      window.onclick = function (event) {
        if (event.target == modal) {
          modal.style.display = "none";
        }
      };

    </script>

    <script>
      function onSignin(idToken) {
        let user = clientApplication.getAccount();
        alert("User: " + JSON.stringify(user));

        document.getElementById("userName").innerHTML = "Currently logged in as " + user.name;
        let requestObj1 = {
          scopes: ["user.read", "openid", "profile"],
        };
      }

      function onSignInClick() {
        let user = clientApplication.getAccount();
        let requestObj = {
          scopes: ["user.read", "openid", "profile"],
        };

        clientApplication.loginPopup(requestObj).then(onSignin).catch(function (error) {
            console.log("error: " + error);
          });
      }

      function getOAuthCardResourceUri(activity) {
        if (
          activity &&
          activity.attachments &&
          activity.attachments[0] &&
          activity.attachments[0].contentType === "application/vnd.microsoft.card.oauth" &&
          activity.attachments[0].content.tokenExchangeResource)
          {
          return activity.attachments[0].content.tokenExchangeResource.uri;
          }
      }

      function exchangeTokenAsync(resourceUri) {
        let user = clientApplication.getAccount();

        if (user) {
          console.log("User exist " + JSON.stringify(user));

          let requestObj = {
            scopes: [resourceUri],
          };
          console.log("RequestObj: " + JSON.stringify(requestObj));

          return clientApplication.acquireTokenSilent(requestObj).then(function (tokenResponse) {
              console.log("ExchangeTokenAsync requestObj: " + tokenResponse.accessToken);
              return tokenResponse.accessToken;
            })
            .catch(function (error) {
              console.log("ExchangeTokenAsync error: " + error);
            });
        } else {
          return Promise.resolve(null);
        }
      }

      async function fetchJSON(url, options = {}) {
        const res = await fetch(url, {
          ...options,
          headers: {
            ...options.headers,
            accept: "application/json",
          },
        });

        if (!res.ok) {
          throw new Error(`Failed to fetch JSON due to ${res.status}`);
        }

        return await res.json();
      }
    </script>

    <script>
      var clientApplication;

      (function () {
        var msalConfig = {
          auth: {
            clientId: "<Removed Canvas Client ID>",
            authority:"https://login.microsoftonline.com/<Removed Directory ID>",
          },
          cache: {
            cacheLocation: "localStorage",
            storeAuthStateInCookie: false,
          },
        };
        if (!clientApplication) {
          clientApplication = new Msal.UserAgentApplication(msalConfig);

          // I get an error stating "Uncaught ReferenceError: authRedirectCallBack is not defined"
          clientApplication.handleRedirectCallback(authRedirectCallBack);

          //Below code will silently try to get token without popup. If there is no login already exists it will throw exception.
          //As 2nd step, Login will be forced using LoginRedirect method
          var newRequest = {
            scopes: ["user.read", "openid", "profile"],
          };

          clientApplication.acquireTokenSilent(newRequest).then(function (response)
          {
              //Now get the user display name
              let user = clientApplication.getAccount();
              document.getElementById("divUser").style.display = "block";
              document.getElementById("userName").innerHTML = " " + user.name;
          })
          .catch(function (error)
          {
              document.getElementById("divUser").style.display = "block";
              //Now get the user display name
              document.getElementById("userName").innerHTML = "Not Logged in";
              $("#divPopup").modal({ backdrop: "static", keyboard: false });
              setTimeout(function ()
              {
                //Now redirect to URI so that token will be created
                clientApplication.loginRedirect(newRequest);
              }, 2000);
          });
        }
      })();

      (async function main() {

        var BOT_ID = "<Removed BOT ID>";
        var theURL = "https://powerva.microsoft.com/api/botmanagement/v1/directline/directlinetoken?botId=" + BOT_ID;

        var userId = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ? clientApplication.account.accountIdentifier: (Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

        console.log("Async function main userId: " + userId);

        const { token } = await fetchJSON(theURL);
        const directLine = window.WebChat.createDirectLine({ token });
        const store = WebChat.createStore(
          {},
          ({ dispatch }) => (next) => (action) => {
            const { type } = action;
            if (action.type === "DIRECT_LINE/CONNECT_FULFILLED")
            {

              /*dispatch({
                type: "WEB_CHAT/SEND_EVENT",
                payload: {
                  name: "startConversation",
                  type: "event",
                  value: { text: "hello" },
                },
              });
              return next(action);*/

            }
            if (action.type === "DIRECT_LINE/INCOMING_ACTIVITY")
            {
              const activity = action.payload.activity;
              let resourceUri;
              if (activity.from && activity.from.role === "bot" &&(resourceUri = getOAuthCardResourceUri(activity)))
              {
                exchangeTokenAsync(resourceUri).then(function (token) {
                  if (token) {
                    directLine.postActivity({
                        type: "invoke",
                        name: "signin/tokenExchange",
                        value: {
                          id:activity.attachments[0].content.tokenExchangeResource.id,
                          connectionName:activity.attachments[0].content.connectionName,
                          token,
                        },
                        from: {
                          id: userId,
                          name: clientApplication.account.name,
                          role: "user",
                        },
                      }).subscribe((id) => {

                          console.log("id: " + id);

                          if (id === "retry")
                          {
                            console.log(`Bot was not able to handle the invoke, so display the oauthCard`);
                            return next(action);
                          }
                          console.log(`Else: tokenexchange successful and we do not display the oauthCard`);
                        },
                        (error) => {
                          console.log(`An error occurred to display the oauthCard`);
                          return next(action);
                        }
                      );
                    return;
                  } else return next(action);
                });
              } else return next(action);
            } else return next(action);
          }
        );

        const styleOptions = {
          // Add styleOptions to customize Web Chat canvas
       	 hideUploadButton: true
        };

        window.WebChat.renderWebChat(
          {
            directLine: directLine,
            store,
            userID: userId,
            styleOptions,
          },
          document.getElementById("webchat")
        );
      })().catch((err) => console.error("An error occurred: " + err));
    </script>
  </body>
</html>

 

I am getting an error stating

"Uncaught ReferenceError: authRedirectCallBack is not defined"  from the below line of code.
clientApplication.handleRedirectCallback(authRedirectCallBack);

 

So I just created a function

 

function authRedirectCallBack(error, response) {
if (error) {
console.log(error);
}
}
 
And I saw my name to be displayed on the label tag on the bot screen as below.
a1.jpg
 

I also see the below error as well

webchat.js:2 POST https://directline.botframework.com/v3/directline/conversations/6EES0CsPuThCYcqw3AK1Cb-6/activities 502

 

It always entry into the id === "retry" block of code.

 

if (id === "retry")
{
console.log(`Bot was not able to handle the invoke, so display the oauthCard`);
return next(action);
}

 

I still get the login box when I start to chat with my bot. 

 

Can you please help me solve this. Thanks.

Anonymous
Not applicable

@Anonymous ,

 

With this approach, the redirect URL needs to be passed

 

var msalConfig = 
	{
		auth: 
		{
	    	clientId: '', //Client Id of the AAD Aopp
	   		authority: 'https://login.microsoftonline.com/<TenantId>', //Login
	    	redirectUri: "<SharePoint Page where Bot will be hosted>", //URL that MSAL will redirect to when token is created
	    	navigateToLoginRequestUrl: false //Flag whether to navigate to page if token is not found
		},
	   	cache: 
	   	{
	     cacheLocation: 'localStorage', //Where to store the token information - Local storage
	     storeAuthStateInCookie: false //Whether to store auth information in cookie
	   	}
	};


if (!clientApplication) 
{
		clientApplication = new Msal.UserAgentApplication(msalConfig);
		clientApplication.handleRedirectCallback(authRedirectCallBack);	
}

function authRedirectCallBack(error, response) 
{
    //Do Nothing Here since we don't come back to this page.
    
}

Also make sure to add the redirect url of the SharePoint page where the bot is hosted in AAD App redirect Uri otherwise you will receive a error. 

 

Also can you check your AAD App settings to make sure the configuration is correct. Make sure to add your redirect uri.

 

Hope this helps.

Anonymous
Not applicable

@Anonymous 

 

Thank you, I have done the code changes as above. But no luck. I still see the login card.


Below is the code section of MSAL and the main method.

<script>
      var clientApplication;

      (function () {
        var msalConfig =
	       {
		     auth:
		          {
	    	         clientId: '<Have removed the Client ID>', //Client Id of the AAD Aopp
	   		         authority: 'https://login.microsoftonline.com/<Have removed the Directory ID>', //Login
	    	         redirectUri: "https://<org name>.sharepoint.com/sites/testing/MT/project/SitePages/Home.aspx", //URL that MSAL will redirect to when token is created
	    	         navigateToLoginRequestUrl: false //Flag whether to navigate to page if token is not found
		          },
	   	  cache:
	   	        {
	               cacheLocation: 'localStorage', //Where to store the token information - Local storage
	               storeAuthStateInCookie: false //Whether to store auth information in cookie
	   	        }
	       };

             if (!clientApplication)
             {
		             clientApplication = new Msal.UserAgentApplication(msalConfig);
		             clientApplication.handleRedirectCallback(authRedirectCallBack);
             }

      function authRedirectCallBack(error, response)
      {
        //Do Nothing Here since we don't come back to this page.

      }


          //Below code will silently try to get token without popup. If there is no login already exists it will throw exception.
          //As 2nd step, Login will be forced using LoginRedirect method
          var newRequest = {
            scopes: ["user.read", "openid", "profile"],
          };

          clientApplication.acquireTokenSilent(newRequest).then(function (response)
          {
              //Now get the user display name
              let user = clientApplication.getAccount();
              document.getElementById("divUser").style.display = "block";
              document.getElementById("userName").innerHTML = " " + user.name;
          })
          .catch(function (error)
          {
              document.getElementById("divUser").style.display = "block";
              //Now get the user display name
              document.getElementById("userName").innerHTML = "Not Logged in";
              $("#divPopup").modal({ backdrop: "static", keyboard: false });
              setTimeout(function ()
              {
                //Now redirect to URI so that token will be created
                clientApplication.loginRedirect(newRequest);
              }, 2000);
          });
      })();

      (async function main() {

        var BOT_ID = "<Have removed the Bot ID>";
        var theURL = "https://powerva.microsoft.com/api/botmanagement/v1/directline/directlinetoken?botId=" + BOT_ID;

        var userId = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ? clientApplication.account.accountIdentifier: (Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

        console.log("Async function main userId: " + userId);

        const { token } = await fetchJSON(theURL);
        const directLine = window.WebChat.createDirectLine({ token });
        const store = WebChat.createStore(
          {},
          ({ dispatch }) => (next) => (action) => {
            const { type } = action;
            if (action.type === "DIRECT_LINE/CONNECT_FULFILLED")
            {
              /*
              dispatch({
                type: "WEB_CHAT/SEND_EVENT",
                payload: {
                  name: "startConversation",
                  type: "event",
                  value: { text: "hello" },
                },
              });
              return next(action);
              */
            }
            if (action.type === "DIRECT_LINE/INCOMING_ACTIVITY")
            {
              const activity = action.payload.activity;
              let resourceUri;
              if (activity.from && activity.from.role === "bot" &&(resourceUri = getOAuthCardResourceUri(activity)))
              {
                exchangeTokenAsync(resourceUri).then(function (token) {
                  if (token) {
                    directLine.postActivity({
                        type: "invoke",
                        name: "signin/tokenExchange",
                        value: {
                          id:activity.attachments[0].content.tokenExchangeResource.id,
                          connectionName:activity.attachments[0].content.connectionName,
                          token,
                        },
                        from: {
                          id: userId,
                          name: clientApplication.account.name,
                          role: "user",
                        },
                      }).subscribe((id) => {

                          console.log("id: " + id);

                          if (id === "retry")
                          {
                            console.log(`Bot was not able to handle the invoke, so display the oauthCard`);
                            return next(action);
                          }
                          console.log(`Else: tokenexchange successful and we do not display the oauthCard`);
                        },
                        (error) => {
                          console.log(`An error occurred to display the oauthCard`);
                          return next(action);
                        }
                      );
                    return;
                  } else return next(action);
                });
              } else return next(action);
            } else return next(action);
          }
        );

        const styleOptions = {
          // Add styleOptions to customize Web Chat canvas
       	 hideUploadButton: true
        };

        window.WebChat.renderWebChat(
          {
            directLine: directLine,
            store,
            userID: userId,
            styleOptions,
          },
          document.getElementById("webchat")
        );
      })().catch((err) => console.error("An error occurred: " + err));
    </script>

 

Below is code section of all functions

  <script>
      function onSignin(idToken) {
        let user = clientApplication.getAccount();
        alert("User: " + JSON.stringify(user));

        document.getElementById("userName").innerHTML = "Currently logged in as " + user.name;
        let requestObj1 = {
          scopes: ["user.read", "openid", "profile"],
        };
      }

      function onSignInClick() {
        let user = clientApplication.getAccount();
        let requestObj = {
          scopes: ["user.read", "openid", "profile"],
        };

        clientApplication.loginPopup(requestObj).then(onSignin).catch(function (error) {
            console.log("error: " + error);
          });
      }

      function getOAuthCardResourceUri(activity) {
        if (
          activity &&
          activity.attachments &&
          activity.attachments[0] &&
          activity.attachments[0].contentType === "application/vnd.microsoft.card.oauth" &&
          activity.attachments[0].content.tokenExchangeResource)
          {
          return activity.attachments[0].content.tokenExchangeResource.uri;
          }
      }

      function exchangeTokenAsync(resourceUri) {
        let user = clientApplication.getAccount();

        if (user) {
          console.log("User exist " + JSON.stringify(user));

          let requestObj = {
            scopes: [resourceUri],
          };
          console.log("RequestObj: " + JSON.stringify(requestObj));

          return clientApplication.acquireTokenSilent(requestObj).then(function (tokenResponse) {
              console.log("ExchangeTokenAsync requestObj: " + tokenResponse.accessToken);
              return tokenResponse.accessToken;
            })
            .catch(function (error) {
              console.log("ExchangeTokenAsync error: " + error);
            });
        } else {
          return Promise.resolve(null);
        }
      }

      async function fetchJSON(url, options = {}) {
        const res = await fetch(url, {
          ...options,
          headers: {
            ...options.headers,
            accept: "application/json",
          },
        });

        if (!res.ok) {
          throw new Error(`Failed to fetch JSON due to ${res.status}`);
        }

        return await res.json();
      }
    </script>


I have added the SharePoint redirect uri in the code and on the AAD app as well.

The SSO configuration in Azure AD are done as per the doc provided by Microsoft.

 

Azure Canvas/SSO App registration

azure2.jpg

 

Azure Authentication App registration

azure3.jpg

 

In the console I see the below error

 

POST https://directline.botframework.com/v3/directline/conversations/52jH6J9MMCFFFk77eFTDHO-f/activities 502

 

And as the id is "retry" it enters into the if block of (id==='retry') so the login card always shows up.

Anonymous
Not applicable

I rally have not seen this error. This certainly means the bot is not able to communicate may be due to token exchange issue. Can you verify your bot token exchange url and make sure it is update in AAD app as well as PVA settings? Also the error 502 means some kind of user error. Can you try to step through the code and put a breakpoint to see what part f the code is failing. As the user tries to talk to bot, the request and response changes. Check that out

Anonymous
Not applicable

@Anonymous 

I did try to add break points and try to check which step is failing, But I am not able to figure which step fails from the code, as per the below snapshot I could see my name being passed but the end I still see the login card on by chatbot.

 

code.jpg

 

Both the redirect uri on the AAD app registration and on code are same. I have done all the code changes as updated by you. Not sure what is causing this issue. 

Anonymous
Not applicable

@Anonymous  The reason why you are seeing your user name is due to MSAL authenticating. I think the issue is with exchangeTokenAsync(). Can you debug into this and see what is happening after receiving the token. Did you check your token exchange Url to match with AAD app? 

Anonymous
Not applicable

@Anonymous 

 

The token exchange Uri that I have added in the PVA Authentication section and the AAD Canvas app both matches.

Please find the below snapshot of exchangeTokenAsync() function code with breakpoint

 

code2.jpg

Below error is what i see on my console as well.

code1.jpg

Anonymous
Not applicable

Hi @Anonymous 

 

I was successfully able to achieve SSO. I did the changes on the PVA Authentication section by changing the Service Provider from Generic OAuth 2 to Azure Active Directory V2 which was the main reason for the POST error that I was getting in the console. By doing this and the code changes that you have provided me help me a lot to successfully achieve SSO. Many Thanks.

Helpful resources

Announcements

Take a short Community User Survey | Help us make your experience better!

To ensure that we are providing the best possible experience for Community members, we want to hear from you!    We value your feedback! As part of our commitment to enhancing your experience, we invite you to participate in a brief 15-question survey. Your insights will help us improve our services and better serve the community.   👉Community User Survey    Thank you for being an essential part of our community!    Power Platform Engagement Team

Tuesday Tip | How to Get Community Support

It's time for another Tuesday Tip, your weekly connection with the most insightful tips and tricks that empower both newcomers and veterans in the Power Platform Community! Every Tuesday, we bring you a curated selection of the finest advice, distilled from the resources and tools in the Community. Whether you’re a seasoned member or just getting started, Tuesday Tips are the perfect compass guiding you across the dynamic landscape of the Power Platform Community.       This Week: All About Community Support Whether you're a seasoned community veteran or just getting started, you may need a bit of help from time to time! If you need to share feedback with the Community Engagement team about the community or are looking for ways we can assist you with user groups, events, or something else, Community Support is the place to start.   Community Support is part of every one of our communities, accessible to all our community members.   Within each community's Community Support page, you'll find three distinct areas, each with a different focus to help you when you need support from us most. Power Apps: https://powerusers.microsoft.com/t5/Community-Support/ct-p/pa_community_support Power Automate: https://powerusers.microsoft.com/t5/Community-Support/ct-p/mpa_community_support Power Pages: https://powerusers.microsoft.com/t5/Community-Support/ct-p/mpp_community_support Copilot Studio: https://powerusers.microsoft.com/t5/Community-Support/ct-p/pva_community-support   Community Support Form If you need more assistance, you can reach out to the Community Team via the Community support form. Choose the type of support you require and fill in the form accordingly. We will respond to you promptly.    Thank you for being an active part of our community. Your contributions make a difference!   Best Regards, The Community Management Team

Community Roundup: A Look Back at Our Last 10 Tuesday Tips

As we continue to grow and learn together, it's important to reflect on the valuable insights we've shared. For today's #TuesdayTip, we're excited to take a moment to look back at the last 10 tips we've shared in case you missed any or want to revisit them. Thanks for your incredible support for this series--we're so glad it was able to help so many of you navigate your community experience!   Getting Started in the Community An overview of everything you need to know about navigating the community on one page!  Community Links: ○ Power Apps ○ Power Automate  ○ Power Pages  ○ Copilot Studio    Community Ranks and YOU Have you ever wondered how your fellow community members ascend the ranks within our community? We explain everything about ranks and how to achieve points so you can climb up in the rankings! Community Links: ○ Power Apps ○ Power Automate  ○ Power Pages  ○ Copilot Studio    Powering Up Your Community Profile Your Community User Profile is how the Community knows you--so it's essential that it works the way you need it to! From changing your username to updating contact information, this Knowledge Base Article is your best resource for powering up your profile. Community Links: ○ Power Apps ○ Power Automate  ○ Power Pages  ○ Copilot Studio    Community Blogs--A Great Place to Start There's so much you'll discover in the Community Blogs, and we hope you'll check them out today!  Community Links: ○ Power Apps ○ Power Automate  ○ Power Pages  ○ Copilot Studio    Unlocking Community Achievements and Earning Badges Across the Communities, you'll see badges on users profile that recognize and reward their engagement and contributions. Check out some details on Community badges--and find out more in the detailed link at the end of the article! Community Links: ○ Power Apps  ○ Power Automate  ○ Power Pages  ○ Copilot Studio    Blogging in the Community Interested in blogging? Everything you need to know on writing blogs in our four communities! Get started blogging across the Power Platform communities today! Community Links: ○ Power Apps  ○ Power Automate  ○ Power Pages  ○ Copilot Studio   Subscriptions & Notifications We don't want you to miss a thing in the community! Read all about how to subscribe to sections of our forums and how to setup your notifications! Community Links: ○ Power Apps  ○ Power Automate  ○ Power Pages  ○ Copilot Studio   Getting Started with Private Messages & Macros Do you want to enhance your communication in the Community and streamline your interactions? One of the best ways to do this is to ensure you are using Private Messaging--and the ever-handy macros that are available to you as a Community member! Community Links: ○ Power Apps  ○ Power Automate  ○ Power Pages  ○ Copilot Studio   Community User Groups Learn everything about being part of, starting, or leading a User Group in the Power Platform Community. Community Links: ○ Power Apps  ○ Power Automate  ○ Power Pages  ○ Copilot Studio   Update Your Community Profile Today! Keep your community profile up to date which is essential for staying connected and engaged with the community. Community Links: ○ Power Apps  ○ Power Automate  ○ Power Pages  ○ Copilot Studio   Thank you for being an integral part of our journey.   Here's to many more Tuesday Tips as we pave the way for a brighter, more connected future! As always, watch the News & Announcements for the next set of tips, coming soon!  

The Copilot Studio community is thrilled to share some exciting news!

We are embarking on a journey to enhance your experience by transitioning to a new community platform. Our team has been diligently working to create a fresh community site, leveraging the very Dynamics 365 and Power Platform tools that our community advocates for.  We're proud to announce that the Copilot Studio community will pioneer this migration starting in May 2024. The move will mark the beginning of a new chapter, and we're eager for you to be a part of it. Following our lead, the rest of the Power Platform product sites will join us over the summer.   Stay tuned for more updates as we get closer to the launch. We can't wait to welcome you to our new community space, designed with you in mind, to connect, learn, and grow together.   Here's to new beginnings and endless possibilities!   If you have any questions, observations or concerns throughout this process please go to https://aka.ms/PPCommSupport. To stay up to date on the latest details of this migration and other important Community updates subscribe to our News and Announcements forums: Copilot Studio, Power Apps, Power Automate, Power Pages  

Calling all User Group Leaders and Super Users! Mark Your Calendars for the next Community Ambassador Call on May 9th!

This month's Community Ambassador call is on May 9th at 9a & 3p PDT. Please keep an eye out in your private messages and Teams channels for your invitation. There are lots of exciting updates coming to the Community, and we have some exclusive opportunities to share with you! As always, we'll also review regular updates for User Groups, Super Users, and share general information about what's going on in the Community.     Be sure to register & we hope to see all of you there!

April 2024 Community Newsletter

We're pleased to share the April Community Newsletter, where we highlight the latest news, product releases, upcoming events, and the amazing work of our outstanding Community members.   If you're new to the Community, please make sure to follow the latest News & Announcements and check out the Community on LinkedIn as well! It's the best way to stay up-to-date with all the news from across Microsoft Power Platform and beyond.    COMMUNITY HIGHLIGHTS   Check out the most active community members of the last month! These hardworking members are posting regularly, answering questions, kudos, and providing top solutions in their communities. We are so thankful for each of you--keep up the great work! If you hope to see your name here next month, follow these awesome community members to see what they do!   Power AppsPower AutomateCopilot StudioPower PagesWarrenBelzDeenujialexander2523ragavanrajanLaurensMManishSolankiMattJimisonLucas001AmikcapuanodanilostephenrobertOliverRodriguestimlAndrewJManikandanSFubarmmbr1606VishnuReddy1997theMacResolutionsVishalJhaveriVictorIvanidzejsrandhawahagrua33ikExpiscornovusFGuerrero1PowerAddictgulshankhuranaANBExpiscornovusprathyooSpongYeNived_Nambiardeeksha15795apangelesGochixgrantjenkinsvasu24Mfon   LATEST NEWS   Business Applications Launch Event - On Demand In case you missed the Business Applications Launch Event, you can now catch up on all the announcements and watch the entire event on-demand inside Charles Lamanna's latest cloud blog.   This is your one stop shop for all the latest Copilot features across Power Platform and #Dynamics365, including first-hand looks at how companies such as Lenovo, Sonepar, Ford Motor Company, Omnicom and more are using these new capabilities in transformative ways. Click the image below to watch today!   Power Platform Community Conference 2024 is here! It's time to look forward to the next installment of the Power Platform Community Conference, which takes place this year on 18-20th September 2024 at the MGM Grand in Las Vegas!   Come and be inspired by Microsoft senior thought leaders and the engineers behind the #PowerPlatform, with Charles Lamanna, Sangya Singh, Ryan Cunningham, Kim Manis, Nirav Shah, Omar Aftab and Leon Welicki already confirmed to speak. You'll also be able to learn from industry experts and Microsoft MVPs who are dedicated to bridging the gap between humanity and technology. These include the likes of Lisa Crosbie, Victor Dantas, Kristine Kolodziejski, David Yack, Daniel Christian, Miguel Félix, and Mats Necker, with many more to be announced over the coming weeks.   Click here to watch our brand-new sizzle reel for #PPCC24 or click the image below to find out more about registration. See you in Vegas!       Power Up Program Announces New Video-Based Learning Hear from Principal Program Manager, Dimpi Gandhi, to discover the latest enhancements to the Microsoft #PowerUpProgram. These include a new accelerated video-based curriculum crafted with the expertise of Microsoft MVPs, Rory Neary and Charlie Phipps-Bennett. If you’d like to hear what’s coming next, click the image below to find out more!   UPCOMING EVENTS Microsoft Build - Seattle and Online - 21-23rd May 2024 Taking place on 21-23rd May 2024 both online and in Seattle, this is the perfect event to learn more about low code development, creating copilots, cloud platforms, and so much more to help you unleash the power of AI.   There's a serious wealth of talent speaking across the three days, including the likes of Satya Nadella, Amanda K. Silver, Scott Guthrie, Sarah Bird, Charles Lamanna, Miti J., Kevin Scott, Asha Sharma, Rajesh Jha, Arun Ulag, Clay Wesener, and many more.   And don't worry if you can't make it to Seattle, the event will be online and totally free to join. Click the image below to register for #MSBuild today!   European Collab Summit - Germany - 14-16th May 2024 The clock is counting down to the amazing European Collaboration Summit, which takes place in Germany May 14-16, 2024. #CollabSummit2024 is designed to provide cutting-edge insights and best practices into Power Platform, Microsoft 365, Teams, Viva, and so much more. There's a whole host of experts speakers across the three-day event, including the likes of Vesa Juvonen, Laurie Pottmeyer, Dan Holme, Mark Kashman, Dona Sarkar, Gavin Barron, Emily Mancini, Martina Grom, Ahmad Najjar, Liz Sundet, Nikki Chapple, Sara Fennah, Seb Matthews, Tobias Martin, Zoe Wilson, Fabian Williams, and many more.   Click the image below to find out more about #ECS2024 and register today!     Microsoft 365 & Power Platform Conference - Seattle - 3-7th June If you're looking to turbo boost your Power Platform skills this year, why not take a look at everything TechCon365 has to offer at the Seattle Convention Center on June 3-7, 2024.   This amazing 3-day conference (with 2 optional days of workshops) offers over 130 sessions across multiple tracks, alongside 25 workshops presented by Power Platform, Microsoft 365, Microsoft Teams, Viva, Azure, Copilot and AI experts. There's a great array of speakers, including the likes of Nirav Shah, Naomi Moneypenny, Jason Himmelstein, Heather Cook, Karuana Gatimu, Mark Kashman, Michelle Gilbert, Taiki Y., Kristi K., Nate Chamberlain, Julie Koesmarno, Daniel Glenn, Sarah Haase, Marc Windle, Amit Vasu, Joanne C Klein, Agnes Molnar, and many more.   Click the image below for more #Techcon365 intel and register today!     For more events, click the image below to visit the Microsoft Community Days website.      

Users online (2,934)