You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Specifically "signInAudience" (aka: Supported account type) seems to matter for the AAD application being used for authentication.
"PersonalMicrosoftAccount" seems to give issues and does not let the AAD app be used for package uploader.
If we change "signInAudience" to be "AzureADMyOrg" things will probably work, but are there are other manifest attributes that will need to change as well in order to support this and not cause any problems?
We noticed that in the manifest an app with "signInAudience":"PersonalMicrosoftAccount", it has "accessTokenAcceptedVersion": 2 but this restriction isn't there for an app with "signInAudience":"AzureADMyOrg" (null value for that key). From reading various available documentation like these:
[https://learn.microsoft.com/en-us/azure/active-directory/develop/supported-accounts-validation]
...it seems that the supported account type changes features available and Azure AD apps use version 1.0 tokens if I'm not mistaken. So part of what we're wondering is if this is why the client secret token is accepted for "signInAudience":"AzureADMyOrg" but rejected for "signInAudience":"PersonalMicrosoftAccount".
The text was updated successfully, but these errors were encountered:
Specifically "signInAudience" (aka: Supported account type) seems to matter for the AAD application being used for authentication.
"PersonalMicrosoftAccount" seems to give issues and does not let the AAD app be used for package uploader.
If we change "signInAudience" to be "AzureADMyOrg" things will probably work, but are there are other manifest attributes that will need to change as well in order to support this and not cause any problems?
We noticed that in the manifest an app with "signInAudience":"PersonalMicrosoftAccount", it has "accessTokenAcceptedVersion": 2 but this restriction isn't there for an app with "signInAudience":"AzureADMyOrg" (null value for that key). From reading various available documentation like these:
[https://learn.microsoft.com/en-us/azure/active-directory/develop/supported-accounts-validation]
[https://learn.microsoft.com/en-us/azure/active-directory/develop/access-tokens#token-formats]
...it seems that the supported account type changes features available and Azure AD apps use version 1.0 tokens if I'm not mistaken. So part of what we're wondering is if this is why the client secret token is accepted for "signInAudience":"AzureADMyOrg" but rejected for "signInAudience":"PersonalMicrosoftAccount".
The text was updated successfully, but these errors were encountered: