Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Managing external identities to enable secure access for partners, customers, and other non-employees
I can try but There is no myapps for me to select
Thanks
Cross-tenant Inbound applications
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 65%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
BlackCat
126
Reputation points
For my external users to access our Teams, I have to change the inbound rule to allow all Microsoft Applications. If I selected Teams and Office365 only, user cannot signin. I am seeing message Failure for application "Microsoft App Access Panel".
Did I do something wrong? Is there a place I have to grant access to external users for MyApps?
Thanks
Microsoft Security | Microsoft Entra | Microsoft Entra External ID
-
Olga Os - MSFT 5,966 Reputation points Microsoft Employee2022-10-04T21:30:46.89+00:00 Hello @BlackCat ,
Kindly let me know if you have any additional questions or concerns.
I'd love to help you where I can.
Sincerely,
Olga Os -
BlackCat 126 Reputation points
2022-10-04T22:11:48.497+00:00 I am seeing allowed all application fixed the issue but that's not best practice. Is this a bug?
Thanks
-
Olga Os - MSFT 5,966 Reputation points Microsoft Employee
2022-10-04T23:28:54.753+00:00 I'd say it's the current design limitation as we can't granularly specify the "Microsoft App Access Panel" + dependencies resources in the application list.
From the sign-in logs we could see what "My Apps" app calls the different resource on the backend comparing to the "Windows App Access Panel".
I am totally agree with you what this one is not the best practice. I'll do some extra research if where are any workarounds and will update you on the same post.
Sincerely,
Olga Os -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 20%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
slyvester 0 Reputation points2024-05-25T12:46:35.06+00:00 Request Id: 5630b85e-e6c6-4cb0-a642-8d200dc9aa00
Correlation Id: eee7312b-a4e0-452b-9d06-2a4b36e6230d
Timestamp: 2024-05-25T12:46:02Z
Message: AADSTS900561: The endpoint only accepts POST requests. Received a GET request.
Sign in to comment
6 answers
Sort by: Most helpful
-
BlackCat 126 Reputation points
2022-09-29T21:26:24.027+00:00 If I selected Office365, users getting the block error message as I sent in early screenshots
Thanks
-
Olga Os - MSFT 5,966 Reputation points Microsoft Employee
2022-09-29T21:46:29.903+00:00 Hey @BlackCat ,
I meant My Apps, not the Office365. "Microsoft App Access Panel" is not included in the Office 365 app suite list.
Honestly, you may omit testing it with adding "My Apps" as it didn't work during my own test.
From what I found at this moment, only allowing "All Apps" resolves this limitation. There is another user asked the similar question.
I am going to do some additional research and will update you if I will find any other suitable workaround.Sincerely,
Olga Os -
Sign in to comment -
-
BlackCat 126 Reputation points
2022-09-29T18:15:04.743+00:00 
-
Olga Os - MSFT 5,966 Reputation points Microsoft Employee
2022-09-29T20:57:40.687+00:00 I am just wondering, did you test by allowing My Apps? Do you get the same failure?
Sincerely,
Olga Os
Sign in to comment -
-
Olga Os - MSFT 5,966 Reputation points Microsoft Employee
2022-09-29T18:00:27.79+00:00 Hello @BlackCat ,
Welcome to the MS Q&A Forum.
As I understand, you configured inbound cross tenant access in B2B collaboration:
Could you please share which exactly error users face during the sign-in attempt?
Especially, I am wondering which Resource is being populated in the sign-in logs. There are cloud apps with dependencies to other cloud apps.
For example: The Exchange Online app is tied to traditional Exchange Online data like mail, calendar, and contact information. Related metadata may be exposed through different resources like search.
The following key applications are included in the Office 365 client app:
- Exchange Online
- Microsoft 365 Search Service
- Microsoft Forms
- Microsoft Planner (ProjectWorkManagement)
- Microsoft Stream
- Microsoft Teams
- Microsoft To-Do
- Microsoft Flow
- Microsoft Office 365 Portal
- Microsoft Office client application
- Microsoft Stream
- Microsoft To-Do WebApp
- Microsoft Whiteboard Services
- Office Delve
- Office Online
- OneDrive
- Power Apps
- Power Automate
- Security & compliance portal
- SharePoint Online
- Skype for Business Online
- Skype and Teams Tenant Admin API
- Sway
- Yammer
A complete list of all services included can be found in the article Apps included in Office 365 app suite.
As you could see "Microsoft App Access Panel" is not in the list.
Sincerely,
Olga Os
