2

We are trying to use the Microsoft Graph Toolkit people picker in a Microsoft Teams tab app we are creating. We are writing the app in angular JS hosted in an Azure Web App.

We don't want to prompt the user for their credentials prior to using the people picker, as the user will have already authenticated to access the Microsoft Teams environment.

Is this currently possible? I've seen some posts about MSAL not being able to silently authenticate when running in an iframe, like when using a web hosted app in Teams. Is this also true for the Teams Authentication Provider?

We have verified that we can silently authenticate using ADAL. A login panel flashes up for less than a second, which is mildly annoying, but fine. Can the Microsoft Graph Toolkit use ADAL for it's authentication? Is there another option we should consider?

Ivan Wilson
  • 403
  • 3
  • 12
  • Microsoft Graph Toolkit implements MSALProvider, Sharepoint Provider and Teams Provider to authenticate and access token for all graph api component. Please take a look at [Microsoft Graph Tool Kit Provider](https://learn.microsoft.com/en-us/graph/toolkit/providers) – Trinetra-MSFT Nov 01 '19 at 06:41
  • 1
    Thanks @Trinetra-MSFT. In the project's GitHub issue list for the Microsoft Graph Toolkit project, issue #92 states: "The teams provider needs to use the login hint received from the Teams sdk and attempt to silently sign in a user before doing an interactive sign in. This will improve the experience and avoid unnecessary sign in" https://github.com/microsoftgraph/microsoft-graph-toolkit/issues/92 – Ivan Wilson Nov 01 '19 at 08:09
  • 1
    Yes, There is some work around for Teams Provider and also adding Custom Add In provider to authenticate with MS Graph Toolkit. – Trinetra-MSFT Nov 01 '19 at 08:21
  • Can you provide details of the workarounds? – Ivan Wilson Nov 02 '19 at 23:24
  • Sorry we don't have information to share with you, However once the work is completed it will be updated on [What's New](https://learn.microsoft.com/en-us/microsoftteams/platform/whats-new). – Trinetra-MSFT Nov 04 '19 at 04:13
  • Are you already authentication with ADAL and able to call graph apis. If so, the toolkit can use your existing authentication by either using the SimpleProvider or creating a new provider: Take a look at the custom provider docs: https://learn.microsoft.com/en-us/graph/toolkit/providers/custom – Nikola Metulev Dec 04 '19 at 22:53

1 Answers1

1

Yes, you can use it directly in your teams tab app through teams toolkit extension.

Here is already a graph toolkit people picker sample: https://github.com/OfficeDev/TeamsFx-Samples/tree/dev/graph-toolkit-contact-exporter

If already have authenticated the user, then you can write your owner auth provider like this one: https://github.com/microsoftgraph/microsoft-graph-toolkit/tree/main/packages/providers/mgt-teamsfx-provider

SLdragon
  • 1,477
  • 16
  • 19