SSO works with side loaded manifest, but not from the office store

Gregory Lee 20 Reputation points
2023-11-15T00:44:02.6933333+00:00

I'm trying to integrate Microsoft SSO into an Office Addin. I have this code:

  const middletierToken: string = await OfficeRuntime.auth.getAccessToken({
            allowSignInPrompt: true,
            allowConsentPrompt: true,
            forMSGraphAccess: true,
        })

This code works when I side load the manifest, and I can access my users' MSGraph info. However, with the manifest from the app store, this call fails with an error 13012. What am I doing wrong?

As a side note, if I set:

forMSGraphAccess: false

the call works for the app store manifest, and I can actually use that token to access MSGraph. However, then the consent screen for MS Graph doesn't show up, so my users who haven't already consented are locked out.

Office
Office
A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.
1,777 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,544 questions
{count} votes

Accepted answer
  1. Marilee Turscak-MSFT 36,946 Reputation points Microsoft Employee
    2023-11-17T22:39:46.4233333+00:00

    @Gregory Lee ,

    This is expected behavior if you are using forMSGraphAccess: true with the side-loaded add-in.

    You can set forMSGraphAccess: false and call the getaccesstoken() and you will no longer see the 13012 error.

    Otherwise you need to deploy the add-in via the admin center if you are using forMSGraphAccess: true

    If you still run into any issues, I would recommend reaching out on the Office forums for assistance.

    https://github.com/OfficeDev/office-js/issues/2711

    If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar information.

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.