Publisher verification status missing from Azure SSO Consent Dialog

SCT-Akouodev 26 Reputation points
2022-02-07T07:28:56.567+00:00

We're developing an MS Teams Tab application in a multi-tenant setup.

We're using Azure SSO for authentication as documented here, and also the authorization code flow for requesting additional Graph Permissions.

As promised in the Publisher Verification documentation, the app logo and badge are being displayed in the Graph consent dialog.

172384-inkedconsent-graph-li.jpg

But the same verification status is missing from the SSO consent dialog.

172380-inkedconsent-sso-li.jpg

This is an issue because we are unable to publish the app to the MS Teams App Store without the proper 'verified publisher' experience.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,022 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,063 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Skip Livingston 6 Reputation points
    2022-03-24T19:04:04.7+00:00

    We found a workaround: instead of relying on SSO to request consent, catch the consent error and redirect the user to the authorization page requesting the same scopes as SSO. For whatever reason, manually requesting the scopes instead of relying on SSO gets the badge to display in the consent dialog.

    1. If you're using @microsoft/teams-js, you can catch the consent error in authentication.getAuthToken() using the silent=true option
    2. Redirect the user to https://login.microsoftonline.com/${TENANT_ID}/oauth2/v2.0/authorize requesting the same scopes as SSO: profile offline_access openid email
    3. You should see the consent dialog with the verified badge
    1 person found this answer helpful.
    0 comments No comments