-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to use SSO with tenants that enforce device management compliance policy. #541
Comments
This looks very similar to this. I wonder if the underlying WebView2 control has the same flag set by Excel. I tried researching but I couldn't find an option to set it through the manifest.xml or Excel settings. |
If you suspect it's a problem with webview2 you can try using different web views in you project by running the following command (where is one of 'edge-chromium' (webview2) or 'edge-legacy' (webview) or 'ie' (ie webview): npx office-addin-dev-settings webview manifest.xml |
Thanks. Changing it to edge-legacy seems to work, allowing me to query the graph and populate the cells in Excel. This is fine for dev but not a solution for a published version as it relies on running that command. Is there a configuration missing if webview2 is chosen? |
I just followed all the steps on your issue and managed to follow the tutorial as normal with no errors on webview 2 (which was the one you were having trouble with). Could you try rerunning the SSO configuration you ran on another device? Just to see if you can get it to work right away with webview2, as there may be something we are missing. |
To clarify, for readers and folks on Office's engineering end. If the legacy Edge control works for you, then what is failing here is the fallback that uses the Dialog API, not the SSO API itself, the SSO API does not depend on what WebView control you use. |
The SSO template has been updated significantly in recent months. Please try it out on a new project and re-open this (or log a new issue) if you are still encountering problems. |
Expected behavior
On a machine registed in AAD and with a valid compliance status, I expect to be able to sign in to my tenant inside an Excel add-in, even if the tenant enforces device compliance.
Current behavior
Using the [SSO quickstart] (https://docs.microsoft.com/en-us/office/dev/add-ins/quickstarts/sso-quickstart), signing in results in an compliance error as the device state does not meet my tenant's requirements. The details show my device is considered "Unregistered" inside the add-in but sign in works normally in a browser. Device is AAD joined.
Steps to Reproduce
Please provide detailed steps for reproducing the issue.
Context
Please provide any relevant information about your setup. This is important in case the issue is not reproducible except for under certain conditions.
Failure Logs
The text was updated successfully, but these errors were encountered: