Teamsware Add-in deployment - 'Add-in is not trusted' error when navigating to home page
This article helps to resolve an issue with "Add-in is not trusted, you should trust it before you can use it" when navigating to installed add-in home page.
Mostly this message appears for new tenants. It means, that add-in you want to use to deploy your Solution doesn't have permissions to the Site where it's installed (even if you trust it during installation process).
skybow Add-in deployment use ACS (Azure Access Control) app-only access token to get permissions only for current site to start deployment process and for new tenants this access model is disabled by default.
To check it, you could run simple PowerShell Command: Get-SPOTenant and find then DisableCustomAppAuthentication property in a result:
$orgName="<name of your Office 365 organization, example: contosotoycompany>"
Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential Get-credential
Get-SPOTenant
Connect-SPOservice - will ask for Credentials to connect to SharePoint Online by Url to admin center. Please use Global Admin credentials.
Get-SPOtenant - will get all tenant properties and it's values.
In a result screenshot above value of DisableCustomAppAuthentication property is set to True which means that add-ins with ACS (Azure Access Control) app-only access token model disabled.
To change this behavior you can use another simple PowerShell command set-spotenant -DisableCustomAppAuthentication $false'. This will change the value for the property and should be done only once.
$orgName="<name of your Office 365 organization, example: contosotoycompany>"
Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential Get-credential
set-spotenant -DisableCustomAppAuthentication $falseConnect-SPOservice - will ask for Credentials to connect to SharePoint Online by Url to admin center. Please use Global Admin credentialsю.
set-spotenant - will set DisableCustomAppAuthentication tenant property to false. This will allow to use add-ins with ACS app-only access tokens.
Note: Install latest SharePoint Online Management Shell to get correct results.
Note: Global admin credential should be used to connect to SharePoint Online and get/set DisableCustomAppAuthentication property
After set-spotenant command is executed, please login to your site again and try to re-trust installed add-in for deployment again.
Now you should be able to navigate to home page and start/check your deployment.
Related Articles
Teamsware Studio API Deployment
Note: To use the Teamsware API deployment check your tenant settings and allow custom app authentication as described here What is API deployment API deployment is a type of publishing, that allows starting deployment process with HTTP call ...Teamsware Studio Update 26.10.2023
Bug fixes and improvements Teamsware Studio Improved SPFx add-in installation/updating (Modern Forms, List Actions/Automation Actions) Modern Forms Version 1.3.36 Improved uploading files to the sublibrary Сustomized forms and list views are working ...Selective Deployment
Selective Deployment feature Package & Publish is a SharePoint provisioning feature provided by Teamsware Studio that allows you to deliver your custom SharePoint solution from development to production. With this feature, you can package lists and ...Teamsware Studio Update 15.08.2024
New features Start Power Automate Flow action Added Start Power Automate Flow action for Modern Forms, List Actions, Automation Actions, Scheduled & Triggered Actions Add site to favorite action Added Add site to favorite action for Modern Forms, ...Teamsware Studio Update 16.02.2023
Bug fixes & improvements Modern Forms Version 1.3.15 Fixed threshold error during saving the generated document to the library with more than 5k items Improved error handling in 'Generate document' action Fixed <ViewFields> parameter in CAML query ...