Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[Bug] iOS KeyChain error points to wrong docs location

See original GitHub issue

Which Version of MSAL are you using ?

4.18.0

Platform

xamarin.ios

What authentication flow has the issue?

Desktop / Mobile
- Interactive
- Integrated Windows Auth
- Username Password
- Device code flow (browserless)
Web App
- Authorization code
- OBO
Web API
- OBO

Other? - please describe;

Is this a new or existing app?

new

Description

When you have an issue with the publisher keychain, a MsalException is thrown with the following message:

The application cannot access the iOS keychain for the application publisher (the TeamId is null). This is 
needed to enable Single Sign On between applications of the same publisher. This is an iOS configuration 
issue. See https://aka.ms/msal-net-enable-keychain-access for more details on enabling keychain access.

Expected behavior

The aka.ms link should point to wherever the docs for this have actually migrated.

Actual behavior

The aka.ms link points to: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Xamarin-iOS-specifics#enable-keychain-access

Issue Analytics

State:
Created 3 years ago
Comments:10 (1 by maintainers)

Top GitHub Comments

1reaction

dansiegelcommented, Oct 7, 2020

I’ll open a new issue for it. I need to generate a simpler reproduction

0reactions

adambarathcommented, Dec 22, 2020

@bgavrilMS yeah I figured that’s where the docs moved… was more filing that specific issue because the link went to the wrong place and should be updated to help folks out.

I will add my actual code was:
var builder = PublicClientApplicationBuilder
     .Create(ClientId)
     .WithIosKeychainSecurityGroup(Xamarin.Essentials.AppInfo.PackageName)
     .Build();
and my Entitlements were:
<dict>
  <key>keychain-access-groups</key>
  <array>
    <string>$(AppIdentifierPrefix)com.{my app name}</string>
  </array>
</dict>
just like the docs say, and I was getting this error on the Simulator, but not the device.

I had the same issue, but I figured it out how to run my app on simulator. I was wondering CodesignEntitlements tag is only defined under iPhone build configurations. I declared

This is the original CSPROJ generated by Visual Studio. You can see CodesignEntitlements tags are missing by default:

<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <PropertyGroup>
    <TemplateGuid>{440aa056-593a-4519-8708-27081dee632f}</TemplateGuid>
    ....
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|iPhoneSimulator' ">
    ...
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|iPhoneSimulator' ">
    ...
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|iPhone' ">
    ...
    <CodesignEntitlements>Entitlements.plist</CodesignEntitlements>
    ...
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|iPhone' ">
    ...
    <CodesignEntitlements>Entitlements.plist</CodesignEntitlements>
    ...
  </PropertyGroup>
  ...
  ...

I modified a bit to:

<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <PropertyGroup>
    <TemplateGuid>{440aa056-593a-4519-8708-27081dee632f}</TemplateGuid>
    ....
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|iPhoneSimulator' ">
    ...
    <CodesignEntitlements>Entitlements.plist</CodesignEntitlements>
    ...
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|iPhoneSimulator' ">
    ...
    <CodesignEntitlements>Entitlements.plist</CodesignEntitlements>
    ...
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|iPhone' ">
    ...
    <CodesignEntitlements>Entitlements.plist</CodesignEntitlements>
    ...
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|iPhone' ">
    ...
    <CodesignEntitlements>Entitlements.plist</CodesignEntitlements>
    ...
  </PropertyGroup>
  ...
  ...

Or just simplier:

<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <PropertyGroup>
    <TemplateGuid>{440aa056-593a-4519-8708-27081dee632f}</TemplateGuid>
    ....
    <CodesignEntitlements>Entitlements.plist</CodesignEntitlements>
  </PropertyGroup>
  ...