How to receiving the webApplicationInfo from the manifest

Question

My SPFx web part is throwing MsalServiceExceptions specifically on the Teams mobile client, even though SSO works perfectly on Desktop and Web. The bootstrap token seems to vanish during the iframe handoff, possibly due to third-party cookie restrictions or a timeout in the mobile WebView's getAuthToken() promise.

Is there a way to verify if the mobile client is actually receiving the webApplicationInfo from the manifest, or is this a known limitation of the Teams Mobile Identity cache?

Answer 1

Hi Gao Pengcheng

Thank you for reaching out to Microsoft Q&A forum

As far as I know, the MsalServiceException on Teams mobile is caused by strict mobile WebView privacy policies (like iOS Intelligent Tracking Prevention) that block third-party cookies. While SSO works on desktop and web, the mobile client prevents your SPFx iframe from silently acquiring tokens from login.microsoftonline.com in the background, causing the request to fail or timeout.

Therefore, you shouldn't rely exclusively on silent authentication. You must implement an interactive fallback flow:

1. Wrap your token acquisition logic in a try/catch block.
2. If getAuthToken() throws an MsalServiceException, display a manual "Sign In" button in your web part.
3. Bind that button to explicitly call microsoftTeams.authentication.authenticate() to open a popup window. Because this is triggered by a direct user click, the mobile WebView will allow the authentication flow to complete.
4. Ensure your project is updated to SPFx 1.18+ and Teams JS SDK v2+, as recent versions handle mobile redirect scenarios much better.

Hope my answer will help you.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".   

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.