cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

How to configure SSO on a intranet page (SharePoint)

Hi,

 

I have been trying to configure SSO on our organization SharePoint website using PVA. But I don't see it to be working. I have been referring to the below URLs:

 

SSO doc 

https://docs.microsoft.com/en-us/power-virtual-agents/configure-sso#:~:text=Power%20Virtual%20Agents....

 

GitHub Sample code doc

https://github.com/microsoft/PowerVirtualAgentsSamples/blob/master/BuildYourOwnCanvasSamples/3.singl...


I have created a HTML file adding the SSO code provided from the above doc and published in the SharePoint website. I do not wish to see the login sign in card which asks to pass the token rather I need to Sign-in directly once I click the Chatbot button.

 

pva1.png

 

I have also posted regarding the same in the past as well. But no luck. Any help is much appreciated. 

 

Regards,

Hemanth

1 ACCEPTED SOLUTION

Accepted Solutions
Anonymous
Not applicable

Hi @Anonymous 

 

Not sure if you are still facing issue with SSO working. I have got this issue fixed on my end and would like to share some inputs on that

 

1) I have seen the behavior of SSO and login that shows up in PVA bot is not consistent among browsers. Also you may be aware that the login status is stored in local stroage/session as specified in the MSAL.

 

2) I also saw that the code in github had issues related to how userId is passed. The particular line that was causing this login to come was this one below:

 

var userID = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ?
("<Prefix>" + clientApplication.account.accountIdentifier).substr(0, 64) :
(Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

 

The userID is being used in the webchat to pass the UserID and this is supposed to be the User Id from AAD which is not the case with the <Prefix>. I fixed this to pass just the Id and no prefix.

 

var userID = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ?
clientApplication.account.accountIdentifier:
(Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

 

This should take care of passing right UserID

 

if (action.type === 'DIRECT_LINE/CONNECT_FULFILLED')
{
/*
dispatch({
type: 'WEB_CHAT/SEND_EVENT',
payload: {
name: 'startConversation',
type: 'event',
value: {
text: "Hello"
}
}
});
return next(action);
*/
}

 

This is the code that is causing the Login to appear always. One more fix which I did in my case is to force the user login to happen before the webchat is displayed. This will make sure that the user token is created when webchat is initialized and what I have noticed is that after the below MSAL js changes, I never see a Login box in the chat.

 

if (!clientApplication)
{
clientApplication = new Msal.UserAgentApplication(msalConfig);
clientApplication.handleRedirectCallback(authRedirectCallBack);

//Below code will silently try to get token without popup. If there is no login already exists it will throw exception.
//As 2nd step, Login will be forced using LoginRedirect method
var newRequest =
{
scopes: ["user.read", 'openid', 'profile'],
}

clientApplication.acquireTokenSilent(newRequest).then(function(response)
{
//Now get the user display name
let user = clientApplication.getAccount();
document.getElementById("divUser").style.display="block";
document.getElementById("userName").innerHTML = " " + user.name;
}
).catch(function (error)
{
document.getElementById("divUser").style.display="block";
//Now get the user display name
document.getElementById("userName").innerHTML = "Not Logged in";
$('#divPopup').modal({backdrop: 'static',keyboard: false});
setTimeout(function()
{
//Now redirect to URI so that token will be created
clientApplication.loginRedirect(newRequest);

}, 2000);
});
}

 

The above code is trying to get token silently and if that fails it just forces login using redirect. This will make sure that first time user logs in, it will force token to be created and then it will be stored in local storage.

 

After this fix, my bot works fine all the time in the external web page. Hope this helps. Do not hesitate to ask any further questions.

View solution in original post

26 REPLIES 26
Anonymous
Not applicable

Hi @Anonymous 

 

Not sure if you are still facing issue with SSO working. I have got this issue fixed on my end and would like to share some inputs on that

 

1) I have seen the behavior of SSO and login that shows up in PVA bot is not consistent among browsers. Also you may be aware that the login status is stored in local stroage/session as specified in the MSAL.

 

2) I also saw that the code in github had issues related to how userId is passed. The particular line that was causing this login to come was this one below:

 

var userID = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ?
("<Prefix>" + clientApplication.account.accountIdentifier).substr(0, 64) :
(Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

 

The userID is being used in the webchat to pass the UserID and this is supposed to be the User Id from AAD which is not the case with the <Prefix>. I fixed this to pass just the Id and no prefix.

 

var userID = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ?
clientApplication.account.accountIdentifier:
(Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

 

This should take care of passing right UserID

 

if (action.type === 'DIRECT_LINE/CONNECT_FULFILLED')
{
/*
dispatch({
type: 'WEB_CHAT/SEND_EVENT',
payload: {
name: 'startConversation',
type: 'event',
value: {
text: "Hello"
}
}
});
return next(action);
*/
}

 

This is the code that is causing the Login to appear always. One more fix which I did in my case is to force the user login to happen before the webchat is displayed. This will make sure that the user token is created when webchat is initialized and what I have noticed is that after the below MSAL js changes, I never see a Login box in the chat.

 

if (!clientApplication)
{
clientApplication = new Msal.UserAgentApplication(msalConfig);
clientApplication.handleRedirectCallback(authRedirectCallBack);

//Below code will silently try to get token without popup. If there is no login already exists it will throw exception.
//As 2nd step, Login will be forced using LoginRedirect method
var newRequest =
{
scopes: ["user.read", 'openid', 'profile'],
}

clientApplication.acquireTokenSilent(newRequest).then(function(response)
{
//Now get the user display name
let user = clientApplication.getAccount();
document.getElementById("divUser").style.display="block";
document.getElementById("userName").innerHTML = " " + user.name;
}
).catch(function (error)
{
document.getElementById("divUser").style.display="block";
//Now get the user display name
document.getElementById("userName").innerHTML = "Not Logged in";
$('#divPopup').modal({backdrop: 'static',keyboard: false});
setTimeout(function()
{
//Now redirect to URI so that token will be created
clientApplication.loginRedirect(newRequest);

}, 2000);
});
}

 

The above code is trying to get token silently and if that fails it just forces login using redirect. This will make sure that first time user logs in, it will force token to be created and then it will be stored in local storage.

 

After this fix, my bot works fine all the time in the external web page. Hope this helps. Do not hesitate to ask any further questions.

Anonymous
Not applicable

Hi @Anonymous 

 

Thanks a lot for responding back..

 

Yes, I still face issues with SSO. Below is the code that I am using to achieve SSO. I have added the changes that was told by you to my code. I do not want to use the login button since I have already logged into my SharePoint website.

 

<!DOCTYPE html>
<html>
  <head>
    <title>Virtual Agent</title>
    <script src="https://cdn.botframework.com/botframework-webchat/latest/webchat.js"></script>

    <script
      type="text/javascript"
      src="https://alcdn.msauth.net/lib/1.2.0/js/msal.js"></script>

    <script
      src="https://unpkg.com/@azure/storage-blob@10.3.0/browser/azure-storage.blob.min.js"
      integrity="sha384-fsfhtLyVQo3L3Bh73qgQoRR328xEeXnRGdoi53kjo1uectCfAHFfavrBBN2Nkbdf"
      crossorigin="anonymous"></script>

    <script type="text/javascript">
      if (typeof Msal === "undefined")
        document.write(
          unescape(
            "%3Cscript src='https://alcdn.msftauth.net/lib/1.2.0/js/msal.js' type='text/javascript' %3E%3C/script%3E"
          )
        );
    </script>

    <style>
      html,
      body {
        height: 100%;
      }

      body {
        margin: 0;
      }

      .modal {
        display: none; /* Hidden by default */
        position: fixed; /* Stay in place */
        z-index: 1; /* Sit on top */
        padding-top: 100px; /* Location of the box */
        left: 0;
        top: 0;
        width: 100%; /* Full width */
        height: 100%; /* Full height */
        overflow: auto; /* Enable scroll if needed */
        background-color: rgb(0, 0, 0); /* Fallback color */
        background-color: rgba(0, 0, 0, 0.4); /* Black w/ opacity */
      }

      .modal-content {
        background-color: #fefefe;
        margin: auto;
        padding: 10px;
        border: 1px solid #888;
        width: 500px;
        height: 575px;
      }
      .close {
        color: black;
        float: right;
        font-size: 28px;
        font-weight: bold;
      }

      .close:hover,
      .close:focus {
        color: #000;
        text-decoration: none;
        cursor: pointer;
      }

      .main {
        margin: 18px;
        border-radius: 4px;
      }

      div[role="form"] {
        background-color: #3392ff;
      }

      #webchat {
        position: center;
        height: 530px;
        width: 100%;
        top: 60px;
        overflow: hidden;
      }
      #heading {
        padding-bottom: 5px;
      }

      h1 {
        font-size: 14px;
        font-family: Segoe UI;
        font-style: normal;
        font-weight: 600;
        font-size: 14px;
        line-height: 20px;
        color: #f3f2f1;
        letter-spacing: 0.005em;
        display: table-cell;
        vertical-align: middle;
        padding: 13px 0px 0px 20px;
      }

      #login {
        position: fixed;
        margin-left: 150px;
      }

      .span {
        font-weight: bold;
      }
      #myBtn {
        position: fixed;
        float: right;
        outline: none;
        width: 60px;
        height: 80px;
        margin: auto auto auto 10px;
      }
      button:hover {
        background-color: transparent;
      }
    </style>
  </head>
  <body>

    <button id="myBtn" type="button">Power Virtual Agent</button>

    <button id="login" name="login" onclick="onSignInClick()" style="background-color: aliceblue">Log In</button>

    <div id="myModal" class="modal">

      <div class="modal-content" style="background-color: #ffd933">

        <span class="close">&times;</span>
        <div id="chatwindow">
          <div id="heading">
            <span class="span"><strong>Virtual Agent</strong></span>
            <label id="divUser" name="divUser" style="width: 75%; height: 15px; border-color: Transparent"></label>
            <label id="userName" name="userName" style="width: 75%; height: 15px; border-color: Transparent">Not logged in.</label>
          </div>
          <div id="webchat"></div>
        </div>
      </div>
    </div>

    <script>

      var modal = document.getElementById("myModal");
      var btn = document.getElementById("myBtn");
      var span = document.getElementsByClassName("close")[0];
      btn.onclick = function () {
        modal.style.display = "block";
      };
      span.onclick = function () {
        modal.style.display = "none";
      };
      window.onclick = function (event) {
        if (event.target == modal) {
          modal.style.display = "none";
        }
      };

    </script>

    <script>
      function onSignin(idToken) {
        let user = clientApplication.getAccount();
        alert("User: " + JSON.stringify(user));

        document.getElementById("userName").innerHTML = "Currently logged in as " + user.name;
        let requestObj1 = {
          scopes: ["user.read", "openid", "profile"],
        };
      }

      function onSignInClick() {
        let user = clientApplication.getAccount();
        let requestObj = {
          scopes: ["user.read", "openid", "profile"],
        };

        clientApplication.loginPopup(requestObj).then(onSignin).catch(function (error) {
            console.log("error: " + error);
          });
      }

      function getOAuthCardResourceUri(activity) {
        if (
          activity &&
          activity.attachments &&
          activity.attachments[0] &&
          activity.attachments[0].contentType === "application/vnd.microsoft.card.oauth" &&
          activity.attachments[0].content.tokenExchangeResource)
          {
          return activity.attachments[0].content.tokenExchangeResource.uri;
          }
      }

      function exchangeTokenAsync(resourceUri) {
        let user = clientApplication.getAccount();

        if (user) {
          console.log("User exist " + JSON.stringify(user));

          let requestObj = {
            scopes: [resourceUri],
          };
          console.log("RequestObj: " + JSON.stringify(requestObj));

          return clientApplication.acquireTokenSilent(requestObj).then(function (tokenResponse) {
              console.log("ExchangeTokenAsync requestObj: " + tokenResponse.accessToken);
              return tokenResponse.accessToken;
            })
            .catch(function (error) {
              console.log("ExchangeTokenAsync error: " + error);
            });
        } else {
          return Promise.resolve(null);
        }
      }

      async function fetchJSON(url, options = {}) {
        const res = await fetch(url, {
          ...options,
          headers: {
            ...options.headers,
            accept: "application/json",
          },
        });

        if (!res.ok) {
          throw new Error(`Failed to fetch JSON due to ${res.status}`);
        }

        return await res.json();
      }
    </script>

    <script>
      var clientApplication;

      (function () {
        var msalConfig = {
          auth: {
            clientId: "<Removed Canvas Client ID>",
            authority:"https://login.microsoftonline.com/<Removed Directory ID>",
          },
          cache: {
            cacheLocation: "localStorage",
            storeAuthStateInCookie: false,
          },
        };
        if (!clientApplication) {
          clientApplication = new Msal.UserAgentApplication(msalConfig);

          // I get an error stating "Uncaught ReferenceError: authRedirectCallBack is not defined"
          clientApplication.handleRedirectCallback(authRedirectCallBack);

          //Below code will silently try to get token without popup. If there is no login already exists it will throw exception.
          //As 2nd step, Login will be forced using LoginRedirect method
          var newRequest = {
            scopes: ["user.read", "openid", "profile"],
          };

          clientApplication.acquireTokenSilent(newRequest).then(function (response)
          {
              //Now get the user display name
              let user = clientApplication.getAccount();
              document.getElementById("divUser").style.display = "block";
              document.getElementById("userName").innerHTML = " " + user.name;
          })
          .catch(function (error)
          {
              document.getElementById("divUser").style.display = "block";
              //Now get the user display name
              document.getElementById("userName").innerHTML = "Not Logged in";
              $("#divPopup").modal({ backdrop: "static", keyboard: false });
              setTimeout(function ()
              {
                //Now redirect to URI so that token will be created
                clientApplication.loginRedirect(newRequest);
              }, 2000);
          });
        }
      })();

      (async function main() {

        var BOT_ID = "<Removed BOT ID>";
        var theURL = "https://powerva.microsoft.com/api/botmanagement/v1/directline/directlinetoken?botId=" + BOT_ID;

        var userId = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ? clientApplication.account.accountIdentifier: (Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

        console.log("Async function main userId: " + userId);

        const { token } = await fetchJSON(theURL);
        const directLine = window.WebChat.createDirectLine({ token });
        const store = WebChat.createStore(
          {},
          ({ dispatch }) => (next) => (action) => {
            const { type } = action;
            if (action.type === "DIRECT_LINE/CONNECT_FULFILLED")
            {

              /*dispatch({
                type: "WEB_CHAT/SEND_EVENT",
                payload: {
                  name: "startConversation",
                  type: "event",
                  value: { text: "hello" },
                },
              });
              return next(action);*/

            }
            if (action.type === "DIRECT_LINE/INCOMING_ACTIVITY")
            {
              const activity = action.payload.activity;
              let resourceUri;
              if (activity.from && activity.from.role === "bot" &&(resourceUri = getOAuthCardResourceUri(activity)))
              {
                exchangeTokenAsync(resourceUri).then(function (token) {
                  if (token) {
                    directLine.postActivity({
                        type: "invoke",
                        name: "signin/tokenExchange",
                        value: {
                          id:activity.attachments[0].content.tokenExchangeResource.id,
                          connectionName:activity.attachments[0].content.connectionName,
                          token,
                        },
                        from: {
                          id: userId,
                          name: clientApplication.account.name,
                          role: "user",
                        },
                      }).subscribe((id) => {

                          console.log("id: " + id);

                          if (id === "retry")
                          {
                            console.log(`Bot was not able to handle the invoke, so display the oauthCard`);
                            return next(action);
                          }
                          console.log(`Else: tokenexchange successful and we do not display the oauthCard`);
                        },
                        (error) => {
                          console.log(`An error occurred to display the oauthCard`);
                          return next(action);
                        }
                      );
                    return;
                  } else return next(action);
                });
              } else return next(action);
            } else return next(action);
          }
        );

        const styleOptions = {
          // Add styleOptions to customize Web Chat canvas
       	 hideUploadButton: true
        };

        window.WebChat.renderWebChat(
          {
            directLine: directLine,
            store,
            userID: userId,
            styleOptions,
          },
          document.getElementById("webchat")
        );
      })().catch((err) => console.error("An error occurred: " + err));
    </script>
  </body>
</html>

 

I am getting an error stating

"Uncaught ReferenceError: authRedirectCallBack is not defined"  from the below line of code.
clientApplication.handleRedirectCallback(authRedirectCallBack);

 

So I just created a function

 

function authRedirectCallBack(error, response) {
if (error) {
console.log(error);
}
}
 
And I saw my name to be displayed on the label tag on the bot screen as below.
a1.jpg
 

I also see the below error as well

webchat.js:2 POST https://directline.botframework.com/v3/directline/conversations/6EES0CsPuThCYcqw3AK1Cb-6/activities 502

 

It always entry into the id === "retry" block of code.

 

if (id === "retry")
{
console.log(`Bot was not able to handle the invoke, so display the oauthCard`);
return next(action);
}

 

I still get the login box when I start to chat with my bot. 

 

Can you please help me solve this. Thanks.

Anonymous
Not applicable

@Anonymous ,

 

With this approach, the redirect URL needs to be passed

 

var msalConfig = 
	{
		auth: 
		{
	    	clientId: '', //Client Id of the AAD Aopp
	   		authority: 'https://login.microsoftonline.com/<TenantId>', //Login
	    	redirectUri: "<SharePoint Page where Bot will be hosted>", //URL that MSAL will redirect to when token is created
	    	navigateToLoginRequestUrl: false //Flag whether to navigate to page if token is not found
		},
	   	cache: 
	   	{
	     cacheLocation: 'localStorage', //Where to store the token information - Local storage
	     storeAuthStateInCookie: false //Whether to store auth information in cookie
	   	}
	};


if (!clientApplication) 
{
		clientApplication = new Msal.UserAgentApplication(msalConfig);
		clientApplication.handleRedirectCallback(authRedirectCallBack);	
}

function authRedirectCallBack(error, response) 
{
    //Do Nothing Here since we don't come back to this page.
    
}

Also make sure to add the redirect url of the SharePoint page where the bot is hosted in AAD App redirect Uri otherwise you will receive a error. 

 

Also can you check your AAD App settings to make sure the configuration is correct. Make sure to add your redirect uri.

 

Hope this helps.

Anonymous
Not applicable

@Anonymous 

 

Thank you, I have done the code changes as above. But no luck. I still see the login card.


Below is the code section of MSAL and the main method.

<script>
      var clientApplication;

      (function () {
        var msalConfig =
	       {
		     auth:
		          {
	    	         clientId: '<Have removed the Client ID>', //Client Id of the AAD Aopp
	   		         authority: 'https://login.microsoftonline.com/<Have removed the Directory ID>', //Login
	    	         redirectUri: "https://<org name>.sharepoint.com/sites/testing/MT/project/SitePages/Home.aspx", //URL that MSAL will redirect to when token is created
	    	         navigateToLoginRequestUrl: false //Flag whether to navigate to page if token is not found
		          },
	   	  cache:
	   	        {
	               cacheLocation: 'localStorage', //Where to store the token information - Local storage
	               storeAuthStateInCookie: false //Whether to store auth information in cookie
	   	        }
	       };

             if (!clientApplication)
             {
		             clientApplication = new Msal.UserAgentApplication(msalConfig);
		             clientApplication.handleRedirectCallback(authRedirectCallBack);
             }

      function authRedirectCallBack(error, response)
      {
        //Do Nothing Here since we don't come back to this page.

      }


          //Below code will silently try to get token without popup. If there is no login already exists it will throw exception.
          //As 2nd step, Login will be forced using LoginRedirect method
          var newRequest = {
            scopes: ["user.read", "openid", "profile"],
          };

          clientApplication.acquireTokenSilent(newRequest).then(function (response)
          {
              //Now get the user display name
              let user = clientApplication.getAccount();
              document.getElementById("divUser").style.display = "block";
              document.getElementById("userName").innerHTML = " " + user.name;
          })
          .catch(function (error)
          {
              document.getElementById("divUser").style.display = "block";
              //Now get the user display name
              document.getElementById("userName").innerHTML = "Not Logged in";
              $("#divPopup").modal({ backdrop: "static", keyboard: false });
              setTimeout(function ()
              {
                //Now redirect to URI so that token will be created
                clientApplication.loginRedirect(newRequest);
              }, 2000);
          });
      })();

      (async function main() {

        var BOT_ID = "<Have removed the Bot ID>";
        var theURL = "https://powerva.microsoft.com/api/botmanagement/v1/directline/directlinetoken?botId=" + BOT_ID;

        var userId = clientApplication.account!=null && clientApplication.account.accountIdentifier != null ? clientApplication.account.accountIdentifier: (Math.random().toString() + Date.now().toString()).substr(0, 64); // Make sure this will not exceed 64 characters

        console.log("Async function main userId: " + userId);

        const { token } = await fetchJSON(theURL);
        const directLine = window.WebChat.createDirectLine({ token });
        const store = WebChat.createStore(
          {},
          ({ dispatch }) => (next) => (action) => {
            const { type } = action;
            if (action.type === "DIRECT_LINE/CONNECT_FULFILLED")
            {
              /*
              dispatch({
                type: "WEB_CHAT/SEND_EVENT",
                payload: {
                  name: "startConversation",
                  type: "event",
                  value: { text: "hello" },
                },
              });
              return next(action);
              */
            }
            if (action.type === "DIRECT_LINE/INCOMING_ACTIVITY")
            {
              const activity = action.payload.activity;
              let resourceUri;
              if (activity.from && activity.from.role === "bot" &&(resourceUri = getOAuthCardResourceUri(activity)))
              {
                exchangeTokenAsync(resourceUri).then(function (token) {
                  if (token) {
                    directLine.postActivity({
                        type: "invoke",
                        name: "signin/tokenExchange",
                        value: {
                          id:activity.attachments[0].content.tokenExchangeResource.id,
                          connectionName:activity.attachments[0].content.connectionName,
                          token,
                        },
                        from: {
                          id: userId,
                          name: clientApplication.account.name,
                          role: "user",
                        },
                      }).subscribe((id) => {

                          console.log("id: " + id);

                          if (id === "retry")
                          {
                            console.log(`Bot was not able to handle the invoke, so display the oauthCard`);
                            return next(action);
                          }
                          console.log(`Else: tokenexchange successful and we do not display the oauthCard`);
                        },
                        (error) => {
                          console.log(`An error occurred to display the oauthCard`);
                          return next(action);
                        }
                      );
                    return;
                  } else return next(action);
                });
              } else return next(action);
            } else return next(action);
          }
        );

        const styleOptions = {
          // Add styleOptions to customize Web Chat canvas
       	 hideUploadButton: true
        };

        window.WebChat.renderWebChat(
          {
            directLine: directLine,
            store,
            userID: userId,
            styleOptions,
          },
          document.getElementById("webchat")
        );
      })().catch((err) => console.error("An error occurred: " + err));
    </script>

 

Below is code section of all functions

  <script>
      function onSignin(idToken) {
        let user = clientApplication.getAccount();
        alert("User: " + JSON.stringify(user));

        document.getElementById("userName").innerHTML = "Currently logged in as " + user.name;
        let requestObj1 = {
          scopes: ["user.read", "openid", "profile"],
        };
      }

      function onSignInClick() {
        let user = clientApplication.getAccount();
        let requestObj = {
          scopes: ["user.read", "openid", "profile"],
        };

        clientApplication.loginPopup(requestObj).then(onSignin).catch(function (error) {
            console.log("error: " + error);
          });
      }

      function getOAuthCardResourceUri(activity) {
        if (
          activity &&
          activity.attachments &&
          activity.attachments[0] &&
          activity.attachments[0].contentType === "application/vnd.microsoft.card.oauth" &&
          activity.attachments[0].content.tokenExchangeResource)
          {
          return activity.attachments[0].content.tokenExchangeResource.uri;
          }
      }

      function exchangeTokenAsync(resourceUri) {
        let user = clientApplication.getAccount();

        if (user) {
          console.log("User exist " + JSON.stringify(user));

          let requestObj = {
            scopes: [resourceUri],
          };
          console.log("RequestObj: " + JSON.stringify(requestObj));

          return clientApplication.acquireTokenSilent(requestObj).then(function (tokenResponse) {
              console.log("ExchangeTokenAsync requestObj: " + tokenResponse.accessToken);
              return tokenResponse.accessToken;
            })
            .catch(function (error) {
              console.log("ExchangeTokenAsync error: " + error);
            });
        } else {
          return Promise.resolve(null);
        }
      }

      async function fetchJSON(url, options = {}) {
        const res = await fetch(url, {
          ...options,
          headers: {
            ...options.headers,
            accept: "application/json",
          },
        });

        if (!res.ok) {
          throw new Error(`Failed to fetch JSON due to ${res.status}`);
        }

        return await res.json();
      }
    </script>


I have added the SharePoint redirect uri in the code and on the AAD app as well.

The SSO configuration in Azure AD are done as per the doc provided by Microsoft.

 

Azure Canvas/SSO App registration

azure2.jpg

 

Azure Authentication App registration

azure3.jpg

 

In the console I see the below error

 

POST https://directline.botframework.com/v3/directline/conversations/52jH6J9MMCFFFk77eFTDHO-f/activities 502

 

And as the id is "retry" it enters into the if block of (id==='retry') so the login card always shows up.

Anonymous
Not applicable

I rally have not seen this error. This certainly means the bot is not able to communicate may be due to token exchange issue. Can you verify your bot token exchange url and make sure it is update in AAD app as well as PVA settings? Also the error 502 means some kind of user error. Can you try to step through the code and put a breakpoint to see what part f the code is failing. As the user tries to talk to bot, the request and response changes. Check that out

Anonymous
Not applicable

@Anonymous 

I did try to add break points and try to check which step is failing, But I am not able to figure which step fails from the code, as per the below snapshot I could see my name being passed but the end I still see the login card on by chatbot.

 

code.jpg

 

Both the redirect uri on the AAD app registration and on code are same. I have done all the code changes as updated by you. Not sure what is causing this issue. 

Anonymous
Not applicable

@Anonymous  The reason why you are seeing your user name is due to MSAL authenticating. I think the issue is with exchangeTokenAsync(). Can you debug into this and see what is happening after receiving the token. Did you check your token exchange Url to match with AAD app? 

Anonymous
Not applicable

@Anonymous 

 

The token exchange Uri that I have added in the PVA Authentication section and the AAD Canvas app both matches.

Please find the below snapshot of exchangeTokenAsync() function code with breakpoint

 

code2.jpg

Below error is what i see on my console as well.

code1.jpg

Anonymous
Not applicable

Hi @Anonymous 

 

I was successfully able to achieve SSO. I did the changes on the PVA Authentication section by changing the Service Provider from Generic OAuth 2 to Azure Active Directory V2 which was the main reason for the POST error that I was getting in the console. By doing this and the code changes that you have provided me help me a lot to successfully achieve SSO. Many Thanks.

Helpful resources

Announcements

Celebrating a New Season of Super Users with Charles Lamanna, CVP Microsoft Business Applications

February 8 was the kickoff to the 2024 Season One Super User program for Power Platform Communities, and we are thrilled to welcome back so many returning Super Users--as well as so many brand new Super Users who started their journey last fall. Our Community Super Users are the true heroes, answering questions, providing solutions, filtering spam, and so much more. The impact they make on the Communities each day is significant, and we wanted to do something special to welcome them at our first kickoff meeting of the year.   Charles Lamanna, Microsoft CVP of Business Applications, has stressed frequently how valuable our Community is to the growth and potential of Power Platform, and we are honored to share this message from him to our 2024 Season One Super Users--as well as anyone who might be interested in joining this elite group of Community members.     If you want to know more about Super Users, check out these posts for more information today:    Power Apps: What is A Super User? - Power Platform CommunityPower Automate: What is A Super User? - Power Platform Community Copilot Studio: What is A Super User? - Power Platform Community Power Pages: What is A Super User? - Power Platform Community

February 2024 User Group Update: Welcoming New Groups and Highlighting Upcoming Events

It's a new month and a brand-new year, which means another opportunity to celebrate our amazing User Groups!Each month, we highlight the new User Groups that have joined the community. It's been a busy season for new groups, because we are thrilled to welcome 15 New User Groups! Take a look at the list below, shared by the different community categories. If your group is listed here, give this post a kudo so we can celebrate with you!   We love our User Groups and the difference they make in the lives of our Community! Thank you to all the new User Groups, new User Group leaders--we look forward to hearing about your successes and the impact you will leave!   In addition to our monthly User Group spotlight, it's a great time to share some of the latest events happening in our User Group community! Take a look at the list below to find one that fits your schedule and need! There's a great combination of in-person and virtual events to choose from. Also, don't forget to review the many events happening near you or virtually! It's a great time of year to connect and engage with User Groups both locally and online. Please Welcome Our NEW User Groups   Power Platform: Heathcare Power Platform User Group Power Platform Connect Hub Power Platform Usergroup Denmark Mexico Norte- Power Platform User Group Pune Power User Group Sudbury Power Platform User GroupMicrosoft User Group GhanaMPPBLR - Microsoft Power Platform Bengaluru User Group Power Apps:   Myrtle Beach Power Platform User GroupAnanseTechWB PowerApps Copilot Studio: Pathfinders Power Platform Community Dynamics365: Cairo, Egypt MSD 365 Business Central/NAV/F&O User GruopMS Dynamics 365 Business Central LatamCincinnati OH D365 F&O User Group February User Group Events February 2024 Cleveland Power Platform User GroupPortallunsj - Februar 2024Indiana D365/AX February User Group MeetingQ1 2024 KC Power Platform and Dynamics 365 CRM Users Group 

January 2024 Community Newsletter

Welcome to our January Newsletter, where we highlight the latest news, product releases, upcoming events, and the amazing work of our outstanding Community members. If you're new to the Community, please make sure to follow the latest News & Announcements in each Community and check out the Community on LinkedIn as well! It's the best way to stay up-to-date in 2024 with all the news from across Microsoft Power Platform and beyond.      COMMUNITY HIGHLIGHTS Check out the most active community members of the last month! These hardworking members are posting regularly, answering questions, giving (and receiving!) kudos, and consistently providing top solutions in their communities. We are so thankful for each of you--keep up the great work! If you hope to see your name here next month, make it your New Year's Resolution to be more active in the community in 2024.   Power AppsPower AutomateCopilot StudioPower PagesWarrenBelzWarrenBelzPstork1saudali_25LaurensMPstork1stephenrobertLucas001AARON_ClbendincpaytonSurendran_RANBNived_NambiarMariamPaulachanNikhil2JmanriqueriosANBJupyter123rodger-stmmbr1606Agniusstevesmith27mandelaPhineastrice602AnnaMoyalanOOlashynBCLS776grantjenkinsExpiscornovusJcookSpongYeAARON_CManishSolankiapangelesPstork1ManishSolankiSanju1Fubar   LATEST NEWS Power Platform 2024 Release Wave Highlights This month saw the 2024 Release Wave 1 plans for Microsoft Power Platform and Microsoft Dynamics 365- a compilation of new capabilities planned for release between April and September 2024. Click here to read Corporate Vice President Maureen (Mo) Osborne's detailed breakdown of the upcoming capabilities, and click the image below to check out some of the Power Platform 2024 Release Wave 1 highlights.     "What's New" Power Platform Shorts Series This month we also launched our brand-new 'Power Shorts' series on YouTube - a selection of super sweet snapshots to keep you in the loop with all the latest trends from across the Power Platform and beyond. Click the image below to check out the entire playlist so far, and don't forget to subscribe to our YouTube channel for all the latest updates.   Super User In Training (S.U.I.T) It was great to see the Power Platform Community officially kick off Season One of their Super User in Training (SUIT) program this month! Their first meeting saw an amazing turnout of over 300 enthusiastic participants who started their dynamic journey toward becoming Super Users. Huge thanks to Manas Maheshwari, Eric Archer, Heather Hernandez, and Duane Montague for a fantastic kick-off. The first meeting also saw seasoned Super User, Drew Poggemann, share invaluable insights on navigating the #MicrosoftCommunity with finesse. Many thanks to Drew for setting the stage and emphasizing the importance of active engagement and the art of providing thoughtful community solutions. If you want to learn more about the features and benefits of gaining Super User status, click the image below to find out more, and watch this space for more info about Season Two and how you can SUIT UP in the community!     UPCOMING EVENTS Microsoft 365 Community Day - Miami - February 1-2, 2024 It's not long now until the Microsoft 365 Community Day Miami, which will be taking place at the Wolfson Campus at Miami Dade College on 1-2 Feb. 2024. This free event is all about unlocking the full potential of Power Platform, Microsoft 365, and AI, so whether you’re a tech enthusiast, a business owner, or just curious about the latest Microsoft advancements, #M365Miami is for you.   The event is completely free and there will sessions in both English and Spanish to celebrate the vibrant and diverse make-up of our amazing community. Click the image below to join this amazing Community Day in Miami and become a part of our incredible network of learners and innovators!     Microsoft Fabric - Las Vegas - March 26-28, 2024 Exciting times ahead for the inaugural #MicrosoftFabric Community Conference on March 26-28 at the MGM Grand in Las Vegas. And if you book now, you can save $100 off registration! The Microsoft Fabric Conference will cover all the latest in analytics, AI, databases, and governance across 150+ sessions.   There will be a special Community Lounge onsite, interactive learning labs, plus you'll be able to 'Ask the Experts' all your questions to get help from data, analytics, and AI specialists, including community members and the Fabric Customer Advisory Team. Just add the code MSCUST when registering for a $100 discount today. Click the image below to find out more about the ultimate learning event for Microsoft Fabric!     Microsoft 365 Conference - Orlando - April 30 - May 2, 2024 Have you added The Microsoft 365 Conference to your community calendar yet? It happens this April 30th - May 2nd in Orlando, Florida. The 2024 Microsoft 365 Conference is one of the world’s largest gatherings of Microsoft engineers and community, with a strong focus on Power Platform, SharePoint, Azure, and the transition to an AI-powered modern workplace.   Click the image link below to find out more and be prepared to be enlightened, educated, and inspired at #M365Conf24!   LATEST COMMUNITY BLOG ARTICLES Power Apps Community Blog Power Automate Community Blog Copilot Studio Community Blog Power Pages Community Blog Check out 'Using the Community' for more helpful tips and information: Power Apps, Power Automate, Copilot Studio, Power Pages  

Super Users 2024 Season One is Here!

   We are excited to announce the first season of our 2024 Super Users is here! Our kickoff to the new year welcomes many returning Super Users and several new faces, and it's always exciting to see the impact these incredible individuals will have on the Community in 2024! We are so grateful for the daily difference they make in the Community already and know they will keep staying engaged and excited for all that will happen this year.   How to Spot a Super User in the Community:Have you ever written a post or asked for help in the Community and had it answered by a user with the Super User icon next to their name? It means you have found the actual, real-life superheroes of the Power Platform Community! Super Users are our heroes because of the way they consistently make a difference in the Community. Our amazing Super Users help keep the Community a safe place by flagging spam and letting the Community Managers know about issues. They also make the Community a great place to find answers, because they are often the first to offer solutions and get clarity on questions. Finally, Super Users share valuable insights on ways to keep the Community growing, engaging, and looking ahead!We are honored to reveal the new badges for this season of Super Users! Congratulations to all the new and returning Super Users!     To better answer the question "What is a Super User?" please check out this article: Power Apps: What is A Super User? - Power Platform CommunityPower Automate: What is A Super User? - Power Platform Community Copilot Studio: What is A Super User? - Power Platform Community Power Pages: What is A Super User? - Power Platform Community

Did You Attend the Microsoft Power Platform Conference in 2022 or 2023? Claim Your Badge Today!

If you were one of the thousands of people who joined us at the first #MPPC Microsoft Power Platform Conference in 2022 in Orlando--or attended the second-annual conference in Las Vegas in 2023--we are excited to honor you with a special community badge! Show your support for #MPPC Microsoft Power Platform Conference this year by claiming your badge!           Just follow this link to claim your badge for attending #MPPC in 2022 and/or 2023: MPPCBadgeRequest    Want to earn your badge for 2024? Just keep watching our News & Announcements for the latest updates on #MPPC24.

Microsoft Power Platform | 2024 Release Wave 1 Plan

Check out the latest Microsoft Power Platform release plans for 2024!   We have a whole host of exciting new features to help you be more productive, enhance delegation, run automated testing, build responsive pages, and so much more.    Click the links below to see not only our forthcoming releases, but to also try out some of the new features that have recently been released to market across:     Power Apps  Power Automate  Copilot Studio   We can’t wait to share with you all the upcoming releases that will help take your Power Platform experience to the next level!    Check out the entire Release Wave: Power Platform Complete Release Planner 

Users online (4,183)