Is anyone experiencing new issues with Domain Authentication?
We’ve had an AppSheet app running successfully for two years now using Domain Auth. Specifically Microsoft Active Directory (AD). We’ve successfully integrated AD and it has been working with multiple users for over a year now.
The AD security groups have been mapped and enabled in the Domain Authentication section of my AppSheet App as shown here:
However, as of a couple weeks ago, these users are not able to access the Application. We have confirmed that they are getting to AppSheet successfully:
However, as soon as they hit the page, they are all seeing this:
Yep, you are correct. They are successful with authentication all the way up to the point of trying to access this particular App. They can’t enter this app so they are not even getting to that Switch statement. Also, absolutely, I have had the app configured exactly like you are showing with the Domain Access.
This was all working fine a few weeks ago, and there have been no changes to the AppSheet App in several months.
Here’s a screenshot of the Domain Access page for reference:
Is everyone having issues or just this one person? The person did enter the email address exactly correct?
I can only suggest to check if permissions within the Domain were changed in some way. If not, then you’ll likely need to reach out to AppSheet Support for assistance.
Everyone is having issues accessing the app, so it’s not just one person. I’ll circle back with our internal security teams again. Thanks for the guidance. I will post back here if we are able to resolve the issue.
I did notice in the Authentication Groups there is a parameter that currently says “none” alongside each of our Active Directory security groups. I could be wrong, but I do not recall seeing that before. Is this a requirement for us to pass something to this parameter from our internal Domain?
We have not yet move to Domain based groups (it is on our plan for this year). We presently are using simple white-listed users within each app.
However, somewhere, likely in the Admin Console each of these Authentication Groups needs to be assigned users or, alternatively, each user is assigned a Group. I’m not sure how that is done. On the Accounts tab there is a “Team/org role” dropdown. Maybe the custom roles show up there automatically once created???
interesting. Yeah, we’ve never had to do anything with that screen before. We simply connect our local Active Directory Domain with AppSheet via the integration APIs, then we setup AD security Groups on our side. When users are assigned to these AD Security Groups on our side, they use to automatically have the access as defined in the AppSheet App Roles as shown in the image in my earlier post. But that no longer works.
