Tokens + Trusted App

Similar Messages

• On-premise High-trust App and 401 (appredirect.aspx) for anomyous user

  Hello,
  I've developed a provider hosted App. The App can be used by authenticated and anonymous users. On my development platform the App is working in both cases as expected. Then I configured a new test Server (I did all the steps for high trusted Apps) and installed
  the new App (Register app, created a new package in Visual Studio, did the changes for the TokenHelper class and so on). Now, the App ist working for authenticated users only. For anonymous users the appredirect page is asking for credentials. The SharePoint
  log contains only a few Information about the problem:
  client_id: i:0i.t|ms.sp.ext|..... and instance_id:
  https://xxx/Pages/AppPartPage.aspx?SPHostUrl=http%3A%2F%2FXXXXXXX%2FDE%2FSP2013Standard&SPHostTitle=SP2013%20Standard%20Layout&SPAppWebUrl=""&SPLanguage=de%2DCH&SPClientTag=1&SPProductNumber=15%2E0%2E4420%2E1017&wpId=g%5F5b8feaca%5F038f%5F473d%5F8001%5F0a91849f9a05&editmode=0&SenderId=1DD84F040
  from query string
  redirectLaunUrl after getting it from query string, web or app instance:
  https://remote-domain-app/Pages/AppPartPage.aspx?SPHostUrl=http%3A%2F%2FXXXXXXX%2FDE%2FSP2013Standard&SPHostTitle=SP2013%20Standard%20Layout&SPAppWebUrl=""&SPLanguage=de%2DCH&SPClientTag=1&SPProductNumber=15%2E0%2E4420%2E1017&wpId=g%5F5b8feaca%5F038f%5F473d%5F8001%5F0a91849f9a05&editmode=0&SenderId=1DD84F040
  redirectLaunUrl after getting token replacement:
  https://remote-domain-app/Pages/AppPartPage.aspx?SPHostUrl=http%3A%2F%2FXXXXXXX%2FDE%2FSP2013Standard&SPHostTitle=SP2013%20Standard%20Layout&SPAppWebUrl=""&SPLanguage=de%2DCH&SPClientTag=1&SPProductNumber=15%2E0%2E4420%2E1017&wpId=g%5F5b8feaca%5F038f%5F473d%5F8001%5F0a91849f9a05&editmode=0&SenderId=1DD84F040
  m_oauthAppId after NormalizeAppIdentifier() i:0i.t|ms.sp.ext|548......  Now getting app principal info.
  decided that we need to do a POST to the app.
  NOTHING MORE
  The remote IIS web allows anonymous access and I can open the remote web site as anonymous user. Tried to set the the App Principal permission again, but without luck.  When the remote web is stopped the 401 error still exist - no other error.
  I've no idea what I can check next.

  Hi,
  You can use PowerShell to get the AppPrincipal.
  $targetWeb = Get-SPSite "http://dev.my.com"
  $clientID = "82ea34fc-31ba-4e93-b89a-aa41b023fa7e"
  $authRealm = Get-SPAuthenticationRealm -ServiceContext $targetWeb
  $AppIdentifier = $clientID + "@" + $authRealm
  $appPrincipal = Get-SPAppPrincipal -Site $targetWeb.RootWeb -NameIdentifier $AppIdentifier
  I suggest you try to delete the app and use the following PowerShell script to install the APP.
  param
  [string]$Web = $(throw '- Need a SharePoint web site URL (e.g. "http://portal.contoso.com/")'),
  [string]$Source = "ObjectModel"
  Write-Host -ForegroundColor White "-------------------"
  Write-Host -ForegroundColor White "| App Installer |"
  Write-Host -ForegroundColor White "-------------------"
  Write-Host -ForegroundColor White "- "
  #Global vars
  $AppPackageName = "App.app";
  #Loads powershell settings
  Write-Host -ForegroundColor White "- Load Powershell context.."
  $0 = $myInvocation.MyCommand.Definition
  $dp0 = [System.IO.Path]::GetDirectoryName($0)
  #Loads the SharePoint snapin
  Write-Host -ForegroundColor White "- Load SharePoint context.."
  $ver = $host | select version
  if ($ver.Version.Major -gt 1) {$host.Runspace.ThreadOptions = "ReuseThread"}
  if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null) {
  Add-PSSnapin "Microsoft.SharePoint.PowerShell";
  [void][System.Reflection.Assembly]::Load("Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")
  #Imports the App package
  Write-Host -ForegroundColor White "- Import app package '$AppPackageName'..."
  $appPath = "C:\Projects\App\App\bin\Debug\app.publish\1.0.0.0" + "\" + $AppPackageName;
  if ($Source.Equals("ObjectModel", [System.StringComparison]::InvariantCultureIgnoreCase)) {
  $sourceApp = ([microsoft.sharepoint.administration.spappsource]::ObjectModel);
  elseif ($Source.Equals("Marketplace", [System.StringComparison]::InvariantCultureIgnoreCase)) {
  $sourceApp = ([microsoft.sharepoint.administration.spappsource]::Marketplace);
  elseif ($Source.Equals("CorporateCatalog", [System.StringComparison]::InvariantCultureIgnoreCase)) {
  $sourceApp = ([microsoft.sharepoint.administration.spappsource]::CorporateCatalog);
  elseif ($Source.Equals("DeveloperSite", [System.StringComparison]::InvariantCultureIgnoreCase)) {
  $sourceApp = ([microsoft.sharepoint.administration.spappsource]::DeveloperSite);
  elseif ($Source.Equals("RemoteObjectModel", [System.StringComparison]::InvariantCultureIgnoreCase)) {
  $sourceApp = ([microsoft.sharepoint.administration.spappsource]::RemoteObjectModel);
  $spapp = Import-SPAppPackage -Path "$appPath" -Site $Web -Source $sourceApp -Confirm:$false -ErrorAction SilentlyContinue -ErrorVariable err;
  if ($err -or ($spapp -eq $null))
  Write-Host -ForegroundColor Yellow "- An error occured during app import !"
  throw $err;
  Write-Host -ForegroundColor White "- Package imported with success."
  #Installs the App
  Write-Host -ForegroundColor White "- Install the APP in web site..."
  $app = Install-SPApp -Web $Web -Identity $spapp -Confirm:$false -ErrorAction SilentlyContinue -ErrorVariable err;
  if ($err -or ($app -eq $null)) {
  Write-Host -ForegroundColor Yellow "- An error occured during app installation !"
  throw $err;
  $AppName = $app.Title;
  Write-Host -ForegroundColor White "- App '$AppName' registered, please wait during installation..."
  $appInstance = Get-SPAppInstance -Web $Web | where-object {$_.Title -eq $AppName};
  $counter = 1;
  $maximum = 150;
  $sleeptime = 2;
  Write-Host -ForegroundColor White "- Please wait..." -NoNewline;
  $url = "$($Web)_layouts/15/appinv.aspx?AppInstanceId={$($appInstance.Id)}"
  $ie = New-Object -com internetexplorer.application
  try
  $ie.visible=$true
  $ie.navigate2($url)
  while ($ie.busy)
  sleep -milliseconds 60
  $trustButton = $ie.Document.getElementById("ctl00_PlaceHolderMain_BtnAllow")
  $trustButton.click()
  sleep -Seconds 1
  Write-Host "App was trusted successfully!"
  catch
  throw ("Error Trusting App");
  while (($appInstance.Status -eq ([Microsoft.SharePoint.Administration.SPAppInstanceStatus]::Installing)) -and ($counter -lt $maximum))
  Write-Host -ForegroundColor White "." -NoNewline;
  sleep $sleeptime;
  $counter++;
  $appInstance = Get-SPAppInstance -Web $Web | where-object {$_.Title -eq $AppName}
  Write-Host -ForegroundColor White ".";
  if ($appInstance.Status -eq [Microsoft.SharePoint.Administration.SPAppInstanceStatus]::Installed) {
  Write-Host -ForegroundColor White "- The App was successfully installed.";
  $appUrl = $appInstance.AppWebFullUrl;
  Write-Host -ForegroundColor White "- The App is now available at '$appUrl'.";
  Write-Host -ForegroundColor White "- (Don't forget to add app host name in your host file if necessary...).";
  Write-Host -ForegroundColor White "- "
  else {
  Write-Host -ForegroundColor Yellow "- An unknown error has occured during app installation. Read SharePoint log for more information.";
  More TroubleShooting Tips for High Trust Apps on SharePoint 2013
  http://blogs.technet.com/b/speschka/archive/2012/11/01/more-troubleshooting-tips-for-high-trust-apps-on-sharepoint-2013.aspx
  Thanks,
  Dennis Guo
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected].
  Dennis Guo
  TechNet Community Support

• RIM BES Trusted App - No GUID

  Having issues with adding new BB users /address books on 4.1.6.22 BES with GW7 client.
  (Our GW server is GW8SP1HP1 on NW6.5SP8 with eDir 8.85)
  I followed "Solving Trusted Key Issues with BB Server and ConsoleOne[" Cool Solution about generating a new Trusted App but the generated key will not paste into server's key field on BES because it is not the correct format.
  So I found a few docs showing how the key is based on the RIM BES Trusted App GUID and where to find it in ConsoleOne (Tools, GW Diags, Record Enumerations, select Trusted Apps by name then Info. ).However,it seems there is no GUID to be found. I also did a search by GUID under the Record Enumerations and eventually found an object with an empty GUID that showed the RIM BES info. So it appears my system isn't creating a usable GUID for this object.
  Does anyone have any ideas how I can get a usable key?

  Are you installing the BES and having troubles with the key? I have only
  used C1 to delete the trusted key and used the key generator provided by
  RIM, it should be in: C:\Research In Motion\BlackBerry Enterprise Server\Key
  Generator Application from were the installation package unpackaged the
  install.
  Now it's important to run the key generator on a PC that has the Novell
  client installed, so I often have copied that directory to a PC that has it
  and so far I have never had any issue.
  Once generated and the key copied to the prompt during installation, you
  should be good to go; there shouldn't be anything you need to do after that,
  if it works for one user, it should work for everyone?
  "krmcclure" <[email protected]> wrote in message
  news:[email protected]..
  >
  > Having issues with adding new BB users /address books on 4.1.6.22 BES
  > with GW7 client.
  > (Our GW server is GW8SP1HP1 on NW6.5SP8 with eDir 8.85)
  >
  > I followed "Solving Trusted Key Issues with BB Server and ConsoleOne["
  > Cool Solution about generating a new Trusted App but the generated key
  > will not paste into server's key field on BES because it is not the
  > correct format.
  >
  > So I found a few docs showing how the key is based on the RIM BES
  > Trusted App GUID and where to find it in ConsoleOne (Tools, GW Diags,
  > Record Enumerations, select Trusted Apps by name then Info. ).However,it
  > seems there is no GUID to be found. I also did a search by GUID under
  > the Record Enumerations and eventually found an object with an empty
  > GUID that showed the RIM BES info. So it appears my system isn't
  > creating a usable GUID for this object.
  >
  > Does anyone have any ideas how I can get a usable key?
  >
  >
  > --
  > krmcclure
  > ------------------------------------------------------------------------
  > krmcclure's Profile: http://forums.novell.com/member.php?userid=25930
  > View this thread: http://forums.novell.com/showthread.php?t=402975
  >

• Iframe auto height based on content in high trust apps on premise

  Hi, 
  how to adjust the app part height based on the content, in high trust apps. 
  Thanks
  Ram

  Hi Ram,
  We can use JavaScript to adjust the iframe height, the following code for your reference:
  <script type="text/javascript">
  function iframeLoaded() {
  var iFrameID = document.getElementById('idIframe');
  if(iFrameID) {
  // here you can make the height, I delete it first, then I make it again
  iFrameID.height = "";
  iFrameID.height = iFrameID.contentWindow.document.body.scrollHeight + "px";
  </script>
  More information:
  How To Adjust IFrame Height on Its Content
  http://www.codeproject.com/Articles/19499/How-To-Adjust-IFrame-Height-on-Its-Content
  Best Regards
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• Unhandled exception was thrown by the sandboxed code wrapper's Execute method in the partial trust app domain

  Hi All,
    I have created a custom web part in VS 2008 for Share point server 2010 with DevExpress v12.2.17, and deployed as Sandboxed solution. when i add that web parts in web part zone i am getting the error as "Web Part Error:
  Unhandled exception was thrown by the sandboxed code wrapper's Execute method in the partial trust app domain: An unexpected error has occurred. ".
  If there is any way to get detailed error either log file or event viewer.
  Kindly advice to find the cause of the problem.
  Thanks,
  Selvakumar.S

  Hello,
  Are you impersonating your code? Have you tried to debug your code by attaching SPUCHostService.exe? if not please do so.
  You also need to check ULS log for more information about this error. Here is one ref link if this could help
  http://sohilmakwana.wordpress.com/2013/11/29/sandbox-error-unhandled-exception-was-thrown-by-the-sandboxed-code-wrappers-execute-method-in-the-partial-trust-app-domain/
  Hemendra:Yesterday is just a memory,Tomorrow we may never see
  Please remember to mark the replies as answers if they help and unmark them if they provide no help

• Trusted App key on test server

  Hi,
  I'm using the the SOAP services on the test server (151.155.5.234) and instead of using individual logins, I would prefer to login using a Trusted App key.
  Is there a Trusted App key available to use on the test server?
  Thanks,
  Paul

  Sorry, my time restraints don't allow me to look into
  the issue. If you want to try trusted application
  logins, I would suggest you get an evaluation copy of
  GroupWise and try it on that.
  I can't remember the password I used to setup the server.
  If I need to do anything with the server, I would need to
  do a fresh install. Setting up the server so that it can
  sit outside the firewall takes a lot of time. Time that I
  don't have now.
  I believe there is still a 5 user evaluation copy of
  GroupWise that you can get.
  Preston
  >>> On Wednesday, May 26, 2010 at 8:26 AM,
  paulward<[email protected]> wrote:
  > Hi,
  >
  > I'm using the the SOAP services on the test server (151.155.5.234) and
  > instead of using individual logins, I would prefer to login using a
  > Trusted App key.
  >
  > Is there a Trusted App key available to use on the test server?
  >
  > Thanks,
  >
  > Paul

• TD Canada Trust app not working

  Has anyone tried installing TD Canada trust banking application on Z10? I tried several times but it keeps saying "Unavailable for this device". I phoned TD and they say it has nothing to do with them, but with Telus, Telus says nothing to do with them but with Blackberry.........And I cannot reach anyone from BB to give me an answer. Thanks
  Solved!
  Go to Solution.

  Ok, I understand your point, but when I buy this phone (suppose to be better than all other BB), I am looking forward to have at least the same apps that I add on my bold before. so don't put it on a market before you can propose at least the same apps.

• How to make Safari stop asking whether to trust app Signature

  I'm running Safari 4.0.5 on a Tiger system. When I sign on to my work VPN (I go to a website, enter credentials, and it starts up Network Connect), it always says "this applet was signed by ... and then I have to hit "Trust" or "Don't trust" or "Examine certificate". Can I get rid of this somehow?
  thanks
  Mike

  Hi Mike,
  Anytime you go to a secure site you will know because there will be a small gray lock icon top right in your Safari window. Click the lock to view the certificate information.
  If a site's certificate consistently requires you to click Trust over and over, report that to the site. Hopefully they have a contact link somewhere.
  Note.. you have to enter your username and password in most cases before you will see the gray icon.
  When you see the certificate click the purple circle with a black ? in it bottom left side of the certificate window. A Help viewer window will open with information about certificates.
  Carolyn

• Creating High trust provider hosted app in SharePoint online

  Hi,
  I need to create high trust provider hosted app for SharePoint Online. provider hosted would be not going to host in Azure but it will be some where else.
  some kindly provide step by step that how to create High trust app for SharePoint online but not for SharePoint 2013.
  Kaps

  check this link
  http://msdn.microsoft.com/en-us/library/office/fp179901(v=office.15).aspx#Intro
  A high-trust app for SharePoint is is primarily intended for use in an on-premises environment. The high-trust
  app cannot be installed to Microsoft SharePoint Online, and the remote components are typically installed on premises, too, within the corporate firewall. Thus, the instances of the app for SharePoint are specific to each individual company.
  Kind Regards, John Naguib Technical Consultant/Architect MCITP, MCPD, MCTS, MCT, TOGAF 9 Foundation

• Access denied when upgrade SharePoint app in on premise deployment while it succeeds in fresh deployment

  We deployed a SharePoint hosted app then used it for a while then we needed to upgrade it to be provider hosted app.
  we used the same AppID and name with the new package then uploaded the package to the app catalog.
  the old app in the site contents now has a note that there is a newer version and prompts to upgrade.
  the upgrade fails with access denied even for site collection administrator.
  is there really some permission issue or the upgrade can't be done?
  We are volunteers, if the reply help you mark it as your answer. thanks!!

  Hi,
  According to your post, my understanding is that you got access denied error when upgrade the SharePoint hosted app to provider hosted app.
  How did you upgrade a SharePoint hosted app to a provider hosted app?
  They are two different type apps, why not just create a new provider hosted app?
  To create a provider hosted app, we should create a certificate that is used as “security token issuer”.
  There are two articles about creating provider hosted  high trust app, you can have a look at them.
  http://blog.karstein-consulting.com/2013/01/08/create-provider-hosted-high-trust-app-for-sharepoint-2013-short-guide/
  http://msdn.microsoft.com/en-us/library/fp179901.aspx
  What’s more, there is an topic about the troubleshooting tips for SharePoint high trust app, you can refer to it.
  http://blogs.technet.com/b/speschka/archive/2012/11/01/more-troubleshooting-tips-for-high-trust-apps-on-sharepoint-2013.aspx
  Thanks & Regards,
  Jason
  Jason Guo
  TechNet Community Support

• SharePoint 2013 Provider hosted App installation error

  Hi All,
  I am trying to install a provider hosted app in SharePoint 2013. Installation goes for about 15mins and get "Sorry, something went wrong
  with adding the app. Click to retry."
  Please find belw ULS details for Correlation ID:
  Error when try to get access token when deploy AppInstanceId 7bcf1d9d-897a-48a1-b4f4-cd3120fd98a5 with AppPrincipalId i:0i.t|ms.sp.ext|[email protected]01b993b6. Exception=System.InvalidOperationException:
  An unexpected error was returned from the delegation service.  Error Code: 'invalid_client' Error Description: 'ACS65003: The clientId 'd12de581-316c-4224-b58b-e91ac2042150/www.SERVERNAME.DOMAIN.com@0d85160c-5899-44ca-acc8-db1501b993b6' is not a valid
  service identity.  Trace ID: 4a0c4974-94f4-4077-9a22-2ba5f0abb444  Correlation ID: 674d9839-686b-45f3-be46-31db4dc2a9d0  Timestamp: 2014-07-23 09:34:49Z'    
   at Microsoft.SharePoint.Administration.SPAzureAccessControlDelegationServiceClient.HandleUnexpectedError(SPAzureAccessControlDelegationServiceResponse delegationServiceResponse)    
   at Microsoft.SharePoint.ApplicationServices.SPApplicationContextAccessToken.GetResponseOrThrow[T](SPAzureAccessControlDelegationServiceClient delegationServiceClient, SPAzureAccessControlDelegationServiceResponse delegationServiceResponse)    
   at Microsoft.SharePoint.ApplicationServices.SPApplicationContextAccessToken.IssueApplicationContextAccessToken(SPServiceContext serviceContext, SPApplicationContextAccessTokenCreationParameters creationParameters)    
   at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationContext(SPIdentityContext userIdentityContext, String applicationId, Uri applicationRealm, SPApplicationContextAccessTokenType applicationTokenType, SPApplicationDelegationConsentType
  consentValue)    
   at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenForDeploymentTask(Guid siteId, SPUserToken userToken, String appPrincipalId)    
   at Microsoft.SharePoint.Lifecycle.SPAppPrincipalAccessTokenTask.<>c__DisplayClass1.<Deploy>b__0()
  sudesh withanage

  Hi  sudesh,
  According to your description, my understanding is that you encountered the error “An unexpected error was returned from the delegation service" when you try to add a SharePoint 2013 Provider hosted App.
  As the error message says, the clientId 'd12de581-316c-4224-b58b-e91ac2042150/www.SERVERNAME.DOMAIN.com@0d85160c-5899-44ca-acc8-db1501b993b6' is not a valid service identity when your SharePoint  try
  to get access token via ACS. Is there any plans to develop a low trust mechanism for non-connected scenarios? i.e. low trust provider hosted apps with no external connection, like say for a Bank who lock down external access.  Please  follow the
  steps as the blog  to set development environment for  SharePoint Low-Trust Apps:
  http://blogs.msdn.com/b/besidethepoint/archive/2012/12/10/sharepoint-low-trust-apps-for-on-premises-deployments.aspx?PageIndex=1#comments
  Best Regards,
  Eric
  Eric Tao
  TechNet Community Support

• SharePoint Provider Hosted App (401) Unauthorized Microsoft.SharePoint.SPException: The Azure Access Control service is unavailable

  Hello,
  I'm attempting to get a SharePoint 2013 Provider Hosted Application working in a brand new SharePoint environment.  I've created snapshots of both my dev and the sharepoint environments along the way and have meticulously documented every step of the
  way.  I've followed these instructions (among many other resources found along this journey) :
  http://msdn.microsoft.com/en-us/library/fp179923(office.15).aspx
  http://technet.microsoft.com/en-us/library/fp161236(office.15).aspx
  http://msdn.microsoft.com/library/office/fp179901%28v=office.15%29
  Upon package and publish of my application to SharePoint, I get a 401 Unauthorized error.  I use Fiddler to obtain the SPErrorCorrelationID to ultimately obtain the following ULS Viewer Output.  Please explain how to fix if you're able.
  Please Note:  I was under the impression that a Provider Hosted Application does not use the Azure Access Control service, so I'm confused as to why my system is attempting to make this connection?
  Also Note:  I've used a self signed and godday obtained certificate to successfully f5 debug my basic web.title (out of the visual studio 2012 box) sharepoint provider hosted application... so I know my certs are good.
  Here's my ULS output:
  03/24/2014 08:54:47.83    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    Logging Correlation Data    xmnv    Medium    Name=Request (GET:http://portal.cltenet.com/_layouts/15/appredirect.aspx?instance_id=22d5252f%2D392c%2D4f68%2Db820%2Da3053b9d4f24)  
   306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.83    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    Authentication Authorization    agb9s    Medium    Non-OAuth request.
  IsAuthenticated=True, UserIdentityName=0#.w|cltenet\sp.apps, ClaimsCount=25    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.83    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    Logging Correlation Data    xmnv    Medium    Site=/    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.84    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Deployment    acjjg    Medium    The current user has System.Threading.Thread.CurrentPrincipal.Identity.Name
  = 0#.w|cltenet\sp.apps, System.Security.Principal.WindowsIdentity.GetCurrent().Name = NT AUTHORITY\IUSR, System.Web.HttpContext.Current.User.Identity.Name = 0#.w|cltenet\sp.apps.    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.84    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsrv    Medium    redirectLaunUrl after getting it from query
  string, web or app instance: https://hightrust31.cltenetapps.com/Pages/Default.aspx?{StandardTokens}    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    General    aib0n    High    trying to get app tokens for site: 888b71f7-51ee-40f5-8344-8de4869d37d0
  Unable to load app tokens from appInstanceId: 22d5252f-392c-4f68-b820-a3053b9d4f24    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsrw    Medium    redirectLaunUrl after getting token replacement:
  https://hightrust31.cltenetapps.com/Pages/Default.aspx?SPHostUrl=http%3A%2F%2Fportal%2Ecltenet%2Ecom&SPLanguage=en%2DUS&SPClientTag=0&SPProductNumber=15%2E0%2E4420%2E1017    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsry    Medium    m_oauthAppId after NormalizeAppIdentifier()
  i:0i.t|ms.sp.ext|[email protected]8df36d5d.  Now getting app principal info.    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsr0    Medium    decided that we need to do a POST to the
  app.    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsr1    Medium    m_redirectMessage: EndpointAuthorityMatches  
   306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsr2    Medium    realm matched attempting to get app token
  using GetAccessToken()    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    advzm    High    Error when get token for app i:0i.t|ms.sp.ext|[email protected]8df36d5d,
  exception: Microsoft.SharePoint.SPException: The Azure Access Control service is unavailable.     at Microsoft.SharePoint.ApplicationServices.SPApplicationContext.GetApplicationSecurityTokenServicesUri(SPServiceContext serviceContext)    
  at Microsoft.SharePoint.ApplicationServices.SPApplicationContext..ctor(SPServiceContext serviceContext, SPIdentityContext userIdentity, OAuth2EndpointIdentity applicationEndPoint)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationContext(SPIdentityContext
  userIdentityContext, String applicationId, Uri applicationRealm, SPApplicationContextAccessTokenType applicationTokenType, SPApplicationDelegationConsentType consentValue)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenPrivate(SPServiceContext
  serviceContext, String appId, Uri appEndpointUrl, SPAppPrincipalInfo appPrincipal, SPApplicationContextAccessTokenType tokenType, Boolean useThreadIdentity, SPUserToken userToken)    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsr3    High    App token requested from appredirect.aspx
  for site: 888b71f7-51ee-40f5-8344-8de4869d37d0 but there was an error in generating it.  This may be a case when we do not need a token or when the app principal was not properly set up.  LaunchUrl:https://hightrust31.cltenetapps.com/Pages/Default.aspx?SPHostUrl=http://portal.cltenet.com&SPLanguage=en-US&SPClientTag=0&SPProductNumber=15.0.4420.1017
  Exception Message:The Azure Access Control service is unavailable.  Stacktrace:    at Microsoft.SharePoint.ApplicationServices.SPApplicationContext.GetApplicationSecurityTokenServicesUri(SPServiceContext serviceContext)    
  at Microsoft.SharePoint.ApplicationServices.SPApplicationContext..ctor(SPServiceContext serviceContext, SPIdentityContext userIdentity, OAuth2EndpointIdentity applicationEndPoint)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationContext(SPIdentityContext
  userIdentityContext, String applicationId, Uri applicationRealm, SPApplicationContextAccessTokenType applicationTokenType, SPApplicationDelegationConsentType consentValue)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenPrivate(SPServiceContext
  serviceContext, String appId, Uri appEndpointUrl, SPAppPrincipalInfo appPrincipal, SPApplicationContextAccessTokenType tokenType, Boolean useThreadIdentity, SPUserToken userToken)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenFromThreadIdentityOrUserToken(SPServiceContext
  serviceContext, String appId, Uri appEndpointUrl, SPApplicationContextAccessTokenType tokenType, SPAppPrincipalInfo appPrincipal, Boolean useThreadIdentity, SPUserToken userToken)     at Microsoft.SharePoint.ApplicationPages.AppRedirectPage.ValidateAndProcessRequest(). 
  Since this is a nonfatal error, it will be sanitized and posted to the app as part of the app launch.    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    General    ajlz0    High    Getting Error Message for Exception Microsoft.SharePoint.SPException:
  The Azure Access Control service is unavailable.     at Microsoft.SharePoint.ApplicationServices.SPApplicationContext.GetApplicationSecurityTokenServicesUri(SPServiceContext serviceContext)     at Microsoft.SharePoint.ApplicationServices.SPApplicationContext..ctor(SPServiceContext
  serviceContext, SPIdentityContext userIdentity, OAuth2EndpointIdentity applicationEndPoint)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationContext(SPIdentityContext userIdentityContext, String applicationId, Uri
  applicationRealm, SPApplicationContextAccessTokenType applicationTokenType, SPApplicationDelegationConsentType consentValue)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenPrivate(SPServiceContext serviceContext,
  String appId, Uri appEndpointUrl, SPAppPrincipalInfo appPrincipal, SPApplicationContextAccessTokenType tokenType, Boolean useThreadIdentity, SPUserToken userToken)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenFromThreadIdentityOrUserToken(SPServiceContext
  serviceContext, String appId, Uri appEndpointUrl, SPApplicationContextAccessTokenType tokenType, SPAppPrincipalInfo appPrincipal, Boolean useThreadIdentity, SPUserToken userToken)     at Microsoft.SharePoint.ApplicationPages.AppRedirectPage.ValidateAndProcessRequest()  
   306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    aib0p    Medium    Doing appredirect from appredirect.aspx:
  in site: 888b71f7-51ee-40f5-8344-8de4869d37d0 with RedirectLaunchUrl: https://hightrust31.cltenetapps.com/Pages/Default.aspx?SPHostUrl=http%3A%2F%2Fportal%2Ecltenet%2Ecom&SPLanguage=en%2DUS&SPClientTag=0&SPProductNumber=15%2E0%2E4420%2E1017  
   306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    Monitoring    b4ly    Medium    Leaving Monitored Scope (Request (GET:http://portal.cltenet.com/_layouts/15/appredirect.aspx?instance_id=22d5252f%2D392c%2D4f68%2Db820%2Da3053b9d4f24)).
  Execution Time=26.5933938531294    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  Your help is very much appreciated.
  With Respect,
  Larry

  Yes, actually - I was able to resolve it.
  However I don't know how, unfortunately.  I suspect it was because I needed to have the names of the certificates, defined during the certificate registration (to sharepoint) process, different.
  I have a complete document that shows step by step instructions on the exact process I took to complete the provider hosted application creation, deployment and publishing.  It was a daunting task, but I finished it successfully.
  If there's a way to send private message on this forum, please do so and I'll respond with a way to obtain my document.
  NOTE:  I'm not all impressed with the way this forum works.  This is supposed to be a Microsoft resource and I'll be damned if I ever get a response to highly technical questions.  Completely lame.  Boooooo Microsoft.

• Error occurred in deployment step 'Uninstall app for SharePoint': The remote server returned an error: (502) Bad Gateway.

  Installed SP 2013 Foundation in my Hyper-V machine
  Created and done all the steps mentioned here http://blogs.msdn.com/b/shariq/archive/2013/05/07/how-to-set-up-high-trust-apps-for-sharepoint-2013-amp-troubleshooting-tips.aspx && http://msdn.microsoft.com/en-us/library/office/fp179901%28v=office.15%29.aspx
  for self signed certificate
  copied those two certificates in my local machine(base machine) D drive
  (D:\Cert)
  Both VM and base machine are in same domain
  Installed VS 2013 in my base machine and create a Provided hosted app with the copied certificates, (For creation i followed the above mentioned URL)
  Just created and hit F5 to run in my base machine, but getting this error
  Error occurred in deployment step 'Uninstall app for SharePoint': The remote server returned an error: (502) Bad Gateway.
  Please help me to resolve this issue, trying to figure out from last 2 days
  Thanks in Advance
  Arun

  Hi Harminder,
  This happens because an app has already been deployed and you are deploying it again using the same version.
  Resolution:
  Open the AppManifest.xml file and change the version.
  Vivek Jagga - MCTS SharePoint
  SharePointExcellence

• Windows 8.1 app doesn't start due to Error 0x80073cfc - package is in state: Modified

  Hello
  Ive created an app with winjs and am deploying it onto domain joined windows 8 Pro devices, without the use of a sideloading key (sideloading enhancements).
  The SAME package does work on other devices but the current device is behaving differently.
  Device preperation:
  1. The device has a windows 8.1 pro OS and is fully updated.
  2. The group policy Allow all trusted apps to install has been enabled.
  3.  The certificate has been installed into the devices thrusted root certificate store.
  To create my package, i right clicked my application project and selected Store => Create App Package. Then i selected No on the store question and next => create.
  I Installed the dependencies Microsoft.WinJS.1.0 and Microsoft.VCLibs.x86.11.00 as it is a x86 package.
  The created package i installed using the powershell add-apppackage command.
  The error i am seeing in the windows event log (translated from dutch):
  The activation of the app <some guid> App for the WindowsLaunch-contract has been blocked with Error 0x80073CFC because the package is in a Modified state.
  Any help would be greatly appriciated.
  Regards Ian

  Hi Ian,
  I would move the question to TechNet Windows 8 General forum for a better support.
  Thanks for your understanding.
  --James
  <THE CONTENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED>
  Thanks
  MSDN Community Support
  Please remember to "Mark as Answer" the responses that resolved your issue. It is a common way to recognize those who have helped you, and makes it easier for other visitors to find the resolution later.

• HT4009 How can I get a refund for an In-App purchase, that I made by mistake, and I didn't use it?

  My son did purchase some token, In-App (almost $130), and I have to mention that is too easy for a 5 years old boy to buy In-App, after you Download a New App (SKYLANDERS CLOUD PATROL, v1.6.0);  for him, because the Account will remain open for couple of minutes.
  I know he used $10 of it, or so?!?!
  BUT, I want to know how can get the rest of it, back?
  I didn't let him play anymore after I've got that he bought lots of token, Or extra points.

  FOR ASSISTANCE WITH ORDERS - iTUNES STORE CUSTOMER SERVICE
  For assistance with billing questions or other order inquiries, please refer to our online support page by clicking here: http://www.apple.com/support/itunes/store/. If you cannot find the answers you are seeking in our robust knowledge base, you can contact us by visiting the following URL http://www.apple.com/support/itunes/store/, clicking on the appropriate Customer Service topic, then using the contact button or email form at the bottom of the page. Responses to emails will be provided as soon as possible.
  Phone: 800-275-2273 How to reach a live person: Press 0 four times
  Hours of Operation: Mon-Fri: 9am-5pm ET
  Email: [email protected]
  How to report an issue with Your iTunes Store purchase
  http://support.apple.com/kb/HT1933
  iTunes Purchase Problems: How to Report a Problem to iTunes Support
  http://tinyurl.com/7tscpa7
  How to Get a Refund from the App Store
  http://gizmodo.com/5886683/how-to-get-a-refund-from-the-app-store
  Getting Refunds for your iTunes Store Purchases
  http://www.labnol.org/software/itunes-app-store-refunds/13838/
  Canceling a Digital Subscription
  http://gadgetwise.blogs.nytimes.com/2011/10/14/qa-canceling-a-digital-subscripti on/
   Cheers, Tom