Addin fails to load in trident (Outlook) systems when NAA-SSO authentication is used.

[glr0221]

I have successfully incorporated NAA-SSO authentication in my addin.
I was using this sample as basis for my implementation.
Everything was working fine OWA, mobile and outlook clients.
However, when I tried to load the addin in TRIDENT windows-outlook clients, my addin could not be loaded.

Expected Behavior

I fully expect that NAA-SSO will not run in trident systems.
However, it should not cause for the addin to not be loaded.
I tried adding try-catch around 'createPublicClientApplication()' but it does not go into the 'catch' flow.

Current Behavior

Currently, if an addin adds support for NAA-SSO, and follows the sample provided, then the addin won't be loaded in trident systems.

Steps to Reproduce, or Live Example

• Link to live example: ______
  I don't know if this will help in the debugging process, but somehow this can be reproduced using the sample . Just make sure that the target Outlook client is a windows-trident outlook client.

• Additional details:
  Just follow the sample for SSO-NAA. And then make sure to test and load it in a trident outlook instance.

Context

Imagine that you have an addin that runs on a lot of end points.
And those endpoints are a mix of the new versions and trident systems.
Currently, without NAA-SSO, your addin works great, behaves and functions as designed.
Then you update your addin to support NAA-SSO, and it fails to load the trident systems.

Your Environment

• Platform [PC desktop, Mac, iOS, Office Online]: Windows 10 PC
• Host [Excel, Word, PowerPoint, etc.]: Outlook Trident
• Office version number: 16.0.10730.20348
• Operating System: Windows 10
• Browser (if using Office Online): NA

Useful logs

• Console errors
• Screenshots
• Test file (if only happens on a particular file)

[bntv-config]

Any update in thus issue ?

[davidchesnut]

Hi @glr0221, Unfortunately MSAL v3 (for NAA) won't run on Trident (IE webview). We're working on providing a sample that will show how to fall back to MSAL v2 so that your add-in can still authenticate and run. That is on the backlog.

Thanks!
David

[glr0221]

Hello @davidchesnut . Thanks for your response and for the sample in advance. Very much appreciated.

The other concern I have is the upcoming October 2024 deadline :

Exchange user identity tokens and callback tokens are deprecated and will begin to be turned off in October 2024. We recommend moving Outlook add-ins that use legacy Exchange tokens to nested app authentication.

Are there plans to extend the October 2024 deprecation while NAA still has some issues? Thank you.

[davidchesnut]

The timeline is in our FAQ

So just to help clarify... Only tenants with Current Channel clients will have Exchange tokens turned off in October. And then it will only be tenants we know are not using Exchange tokens. So you shouldn't see add-ins affected yet. In January 2025 is when you'll see all Current Channel tenants having Exchange tokens turned off. So January is definitely when you're going to want your add-in ready.

Cheers,
David

[glr0221]

@davidchesnut Thank you for the timeline and the link explaining it. Looking forward to get the NAA-SSO in place way before the June 2025 deadline.

[glr0221]

@davidchesnut

Just checking on this item. Do we have a timeline for the msalv2 fallback? Also I have tested a newer version (3.24) with trident outlook. It still crashes on load of the addin. We have 3 months until January, and we really would like to get the NAA-SSO implemented in our code.

Or should I just not support Outlook with trident because it is obsolete?

Thank you for your patience and understanding.

[davidchesnut]

Hi @glr0221, We published a sample showing how to support trident fallback here: https://github.com/OfficeDev/Office-Add-in-samples/tree/main/Samples/auth/Outlook-Add-in-SSO-NAA-IE

Also we won't be turning off Exchange Online legacy tokens in any tenant until February. For more information see Nested app authentication and Outlook legacy tokens deprecation FAQ

Hope this helps!
David

[glr0221]

Hello @davidchesnut,

Thank you once again for sharing this sample. Sorry for the late response as it is only now that I had the time to test. I tried the sample on a trident environment and ended up with a runtime error :

Uncaught runtime errors:
×ERROR
Syntax error

ERROR
Loading chunk vendors-node_modules_azure_msal-browser_dist_app_PublicClientApplication_mjs failed.
(missing: https://localhost:3000/vendors-node_modules_azure_msal-browser_dist_app_PublicClientApplication_mjs.js)
ChunkLoadError: Loading chunk vendors-node_modules_azure_msal-browser_dist_app_PublicClientApplication_mjs failed.
(missing: https://localhost:3000/vendors-node_modules_azure_msal-browser_dist_app_PublicClientApplication_mjs.js)
   at stop (https://localhost:3000/taskpane.js:208:6809)
   at _callee$ (https://localhost:3000/taskpane.js:271:11)
   at tryCatch (https://localhost:3000/taskpane.js:208:1030)
   at Anonymous function (https://localhost:3000/taskpane.js:208:3000)
   at Anonymous function (https://localhost:3000/taskpane.js:208:1687)
   at asyncGeneratorStep (https://localhost:3000/taskpane.js:209:84)
   at _throw (https://localhost:3000/taskpane.js:210:291)
   at callReaction (https://localhost:3000/polyfill.js:17278:9)
   at Anonymous function (https://localhost:3000/polyfill.js:17303:7)
   at flush (https://localhost:3000/polyfill.js:9252:7)

The Outlook version I was using was the following :

1. Outlook Semi-annual channel
2. Version="16.0.10730.20348"

I got this build from one of Microsoft's reference articles.

I hope the logs I sent help in determining the cause and in developing a fix as well.

Thank you.

[davidchesnut]

Hi @glr0221,

Running this sample I see it is not working properly, so I'm investigating how to fix and will follow up soon. Thanks!

[davidchesnut]

Hi @glr0221,

Sorry for the late follow up on this issue. My original test setup was incorrect and after some more testing the sample is working correctly. I also tried on the Windows 10 setup with the outlook version you tried, and the sample works there as well. From the error you get, it looks like something is happening with the webpack build. Do you notice any warnings or errors when running the build?

Thanks,
David

[microsoft-github-policy-service]

This issue has been automatically marked as stale because it is marked as needing author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. Thank you for your interest in Office Add-ins!

[microsoft-github-policy-service]

This issue has been closed due to inactivity. Please comment if you still need assistance and we'll re-open the issue.