From 6fd687dd7420ce1721ad3f13e400ca2f08e1bf51 Mon Sep 17 00:00:00 2001 From: Jan Hajek Date: Mon, 9 Sep 2024 09:06:42 +0200 Subject: [PATCH 1/8] Initial list of applications for consent. --- src/.vuepress/config.js | 1 + .../required-application-consent.md | 39 +++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 src/en/customizer-guide/required-application-consent.md diff --git a/src/.vuepress/config.js b/src/.vuepress/config.js index 2ce05fea1..9725014a9 100644 --- a/src/.vuepress/config.js +++ b/src/.vuepress/config.js @@ -658,6 +658,7 @@ module.exports = config({ collapsable: false, children: [ ['', 'Introduction'], + ['required-application-consent', 'Required Application Consent'], ] }, { diff --git a/src/en/customizer-guide/required-application-consent.md b/src/en/customizer-guide/required-application-consent.md new file mode 100644 index 000000000..c76606532 --- /dev/null +++ b/src/en/customizer-guide/required-application-consent.md @@ -0,0 +1,39 @@ + +# Applications + +| Name | Consent Link | Owner | Client ID | +| - | - | - | - | +| [TALXIS Deployments](#talxis-deployments) | [LINK](https://talxis.com/add-deployment-app) | INT0006 | 4ab337b1-27bc-421d-8d56-7462bbea9831 +| [TALXIS Data Feed](#talxis-data-feed) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=e8af2b8e-a8de-4669-8d94-6b684068beef) | INT0010 | e8af2b8e-a8de-4669-8d94-6b684068beef +| [TALXIS Data Feed - Flow](#talxis-data-feed---flow) | [LINK](https://talxis.com/add-connectors-app) | INT0010 | 28d529aa-b85e-4469-9cf3-937bea582555 +| [TALXIS - PCF.MapPicker](#talxis---pcfmappicker) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=1dc2b128-6003-42b6-a989-d78d6c0d0a5c) | INT0015 | 1dc2b128-6003-42b6-a989-d78d6c0d0a5c +| [TALXIS - PCF.FilePicker](#talxis---pcffilepicker) | [LINK](https://talxis.com/add-dms-app) | INT0015 | 1fd1cbbe-eefe-4583-b422-4a7661cf5c60 +| [TALXIS - PCF.CompanyProfileHinting](#talxis---pcfcompanyprofilehinting) | [LINK](https://talxis.com/add-controls-app) | INT0015 | b8becf32-7f36-4d2f-bbdc-456c6e910405 +| [TALXIS - PCF.AddressPicker](#talxis---pcfaddresspicker) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=7941f3c9-f4db-441d-9fce-7b3eb7a2ef10) | INT0015 | 7941f3c9-f4db-441d-9fce-7b3eb7a2ef10 +| [TALXIS - Client](#talxis---client) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=526f3cf8-fd5c-4648-87f6-b0e4b986acdb) | INT0015 | 526f3cf8-fd5c-4648-87f6-b0e4b986acdb + +# Details + +## TALXIS Deployments + +Used for deployments of applications to Power Platform environment. Application can only write to environments where permissions have been [explicitly granted to the service principal](https://learn.microsoft.com/en-us/power-platform/admin/manage-application-users). The principal is non-interactive. + +### Permissions +* Access Common Data Service (Dataverse) as organization user +* Sign in and read user profile + +## TALXIS Data Feed + +## TALXIS Data Feed - Flow + +## TALXIS - PCF.MapPicker + +## TALXIS - PCF.FilePicker + +## TALXIS - PCF.CompanyProfileHinting + +## TALXIS - PCF.AddressPicker + +## TALXIS - Client + +Used in an [authentication broker (internal)](https://dev.azure.com/thenetworg/INT0015/_wiki/wikis/INT0015.wiki/4301/Authentication-Flow?anchor=authentication-broker) scenario, where a token is required from PCF or custom code. It prevents users from getting multiple authentication popups due to 3rd party cookie restrictions. From 20d6e9690df1fb07e29310484d9480546a007488 Mon Sep 17 00:00:00 2001 From: Jan Hajek Date: Mon, 9 Sep 2024 09:16:27 +0200 Subject: [PATCH 2/8] Add more details. --- .../required-application-consent.md | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/src/en/customizer-guide/required-application-consent.md b/src/en/customizer-guide/required-application-consent.md index c76606532..333717e32 100644 --- a/src/en/customizer-guide/required-application-consent.md +++ b/src/en/customizer-guide/required-application-consent.md @@ -24,16 +24,51 @@ Used for deployments of applications to Power Platform environment. Application ## TALXIS Data Feed +Used as a resource to verify TALXIS Data Feed access. Doesn't need to be explicitly consented. + ## TALXIS Data Feed - Flow +Enables use of TALXIS Data Feed API from Power Automate. + +### Permissions +* Access Data Feed as Current User +* Sign in and read user profile + ## TALXIS - PCF.MapPicker +Map control used in TALXIS applications. + +### Permissions +* Access Data Feed as Current User +* Sign in and read user profile + ## TALXIS - PCF.FilePicker +Custom control that allows users to work with SharePoint or Dataverse documents easily and directly from TALXIS applications. + +### Permissions +* Read items in all site collections +* Have full access to all files user can access +* Have full access to user files +* Read all groups +* Sign in and read user profile" + ## TALXIS - PCF.CompanyProfileHinting +Company autosuggest control used in TALXIS applications. + +### Permissions +* Access Data Feed as Current User +* Sign in and read user profile + ## TALXIS - PCF.AddressPicker +Address autosuggest control used in TALXIS applications. + +### Permissions +* Access Data Feed as Current User +* Sign in and read user profile + ## TALXIS - Client Used in an [authentication broker (internal)](https://dev.azure.com/thenetworg/INT0015/_wiki/wikis/INT0015.wiki/4301/Authentication-Flow?anchor=authentication-broker) scenario, where a token is required from PCF or custom code. It prevents users from getting multiple authentication popups due to 3rd party cookie restrictions. From c09c1fdf16f23185351b0dccab085995642f94a4 Mon Sep 17 00:00:00 2001 From: Jan Hajek Date: Thu, 12 Sep 2024 11:35:46 +0200 Subject: [PATCH 3/8] Add TALXIS - PCF.FilePicker - Group Creation --- .../required-application-consent.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/src/en/customizer-guide/required-application-consent.md b/src/en/customizer-guide/required-application-consent.md index 333717e32..0aff0f4b5 100644 --- a/src/en/customizer-guide/required-application-consent.md +++ b/src/en/customizer-guide/required-application-consent.md @@ -8,6 +8,7 @@ | [TALXIS Data Feed - Flow](#talxis-data-feed---flow) | [LINK](https://talxis.com/add-connectors-app) | INT0010 | 28d529aa-b85e-4469-9cf3-937bea582555 | [TALXIS - PCF.MapPicker](#talxis---pcfmappicker) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=1dc2b128-6003-42b6-a989-d78d6c0d0a5c) | INT0015 | 1dc2b128-6003-42b6-a989-d78d6c0d0a5c | [TALXIS - PCF.FilePicker](#talxis---pcffilepicker) | [LINK](https://talxis.com/add-dms-app) | INT0015 | 1fd1cbbe-eefe-4583-b422-4a7661cf5c60 +| [TALXIS - PCF.FilePicker - Group Creation](#talxis---pcffilepicker---group-creation) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=6fc7f36a-b972-45c9-8516-06c0600b4183) | INT0015 | 6fc7f36a-b972-45c9-8516-06c0600b4183 | [TALXIS - PCF.CompanyProfileHinting](#talxis---pcfcompanyprofilehinting) | [LINK](https://talxis.com/add-controls-app) | INT0015 | b8becf32-7f36-4d2f-bbdc-456c6e910405 | [TALXIS - PCF.AddressPicker](#talxis---pcfaddresspicker) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=7941f3c9-f4db-441d-9fce-7b3eb7a2ef10) | INT0015 | 7941f3c9-f4db-441d-9fce-7b3eb7a2ef10 | [TALXIS - Client](#talxis---client) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=526f3cf8-fd5c-4648-87f6-b0e4b986acdb) | INT0015 | 526f3cf8-fd5c-4648-87f6-b0e4b986acdb @@ -44,14 +45,23 @@ Map control used in TALXIS applications. ## TALXIS - PCF.FilePicker -Custom control that allows users to work with SharePoint or Dataverse documents easily and directly from TALXIS applications. +Custom control that allows users to work with SharePoint or Dataverse documents easily and directly from TALXIS applications. Optionally complemented with [TALXIS - PCF.FilePicker - Group Creation](#talxis---pcffilepicker---group-creation) application. ### Permissions * Read items in all site collections * Have full access to all files user can access * Have full access to user files * Read all groups -* Sign in and read user profile" +* Sign in and read user profile + +## TALXIS - PCF.FilePicker - Group Creation + +Optional app registration if you want the File Picker PCF to allow for group creation via UI. + +### Permissions +* Read and write all groups +* Read and write group memberships +* Sign in and read user profile ## TALXIS - PCF.CompanyProfileHinting From c46ecb478ee5c03de76b4459d227f9fd0361a92e Mon Sep 17 00:00:00 2001 From: Jan Hajek Date: Mon, 16 Sep 2024 15:21:33 +0200 Subject: [PATCH 4/8] Add TALXIS - PCF.PeopleGrid --- .../customizer-guide/required-application-consent.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/en/customizer-guide/required-application-consent.md b/src/en/customizer-guide/required-application-consent.md index 0aff0f4b5..db4a9e9fa 100644 --- a/src/en/customizer-guide/required-application-consent.md +++ b/src/en/customizer-guide/required-application-consent.md @@ -12,6 +12,7 @@ | [TALXIS - PCF.CompanyProfileHinting](#talxis---pcfcompanyprofilehinting) | [LINK](https://talxis.com/add-controls-app) | INT0015 | b8becf32-7f36-4d2f-bbdc-456c6e910405 | [TALXIS - PCF.AddressPicker](#talxis---pcfaddresspicker) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=7941f3c9-f4db-441d-9fce-7b3eb7a2ef10) | INT0015 | 7941f3c9-f4db-441d-9fce-7b3eb7a2ef10 | [TALXIS - Client](#talxis---client) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=526f3cf8-fd5c-4648-87f6-b0e4b986acdb) | INT0015 | 526f3cf8-fd5c-4648-87f6-b0e4b986acdb +| [TALXIS - PCF.PeopleGrid](#talxis---pcfpeoplegrid) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=7facec0a-d26e-4f71-a213-38b317b4dfe0) | INT0015, PCT21016 | 7facec0a-d26e-4f71-a213-38b317b4dfe0 # Details @@ -82,3 +83,12 @@ Address autosuggest control used in TALXIS applications. ## TALXIS - Client Used in an [authentication broker (internal)](https://dev.azure.com/thenetworg/INT0015/_wiki/wikis/INT0015.wiki/4301/Authentication-Flow?anchor=authentication-broker) scenario, where a token is required from PCF or custom code. It prevents users from getting multiple authentication popups due to 3rd party cookie restrictions. + +## TALXIS - PCF.PeopleGrid + +* INT0015 - PoepleGrid connects accounts with contacts and allows tracking of additional metadata such as contact's function withing specified account from Data Feed. +* PCT21016 - PoepleGrid connects accounts with contacts and allows tracking of extensive amount of metadata from Data Feed. + +### Permissions +* Access Data Feed as Current User +* Sign in and read user profile From 840e2c11236baa3d4f4229fd6364ff5699197e59 Mon Sep 17 00:00:00 2001 From: Jan Hajek Date: Wed, 25 Sep 2024 14:39:15 +0200 Subject: [PATCH 5/8] Add TALXIS - PCF.FilePicker - Advanced Permissions --- src/en/customizer-guide/required-application-consent.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/en/customizer-guide/required-application-consent.md b/src/en/customizer-guide/required-application-consent.md index db4a9e9fa..7e21b831f 100644 --- a/src/en/customizer-guide/required-application-consent.md +++ b/src/en/customizer-guide/required-application-consent.md @@ -9,6 +9,7 @@ | [TALXIS - PCF.MapPicker](#talxis---pcfmappicker) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=1dc2b128-6003-42b6-a989-d78d6c0d0a5c) | INT0015 | 1dc2b128-6003-42b6-a989-d78d6c0d0a5c | [TALXIS - PCF.FilePicker](#talxis---pcffilepicker) | [LINK](https://talxis.com/add-dms-app) | INT0015 | 1fd1cbbe-eefe-4583-b422-4a7661cf5c60 | [TALXIS - PCF.FilePicker - Group Creation](#talxis---pcffilepicker---group-creation) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=6fc7f36a-b972-45c9-8516-06c0600b4183) | INT0015 | 6fc7f36a-b972-45c9-8516-06c0600b4183 +| [TALXIS - PCF.FilePicker - Advanced Permissions](#talxis---pcffilepicker---advanced-permissions) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=a6631d2e-c9f0-4327-ba73-5fc8cb87a037) | INT0015 | 6fc7f36a-b972-45c9-8516-06c0600b4183 | [TALXIS - PCF.CompanyProfileHinting](#talxis---pcfcompanyprofilehinting) | [LINK](https://talxis.com/add-controls-app) | INT0015 | b8becf32-7f36-4d2f-bbdc-456c6e910405 | [TALXIS - PCF.AddressPicker](#talxis---pcfaddresspicker) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=7941f3c9-f4db-441d-9fce-7b3eb7a2ef10) | INT0015 | 7941f3c9-f4db-441d-9fce-7b3eb7a2ef10 | [TALXIS - Client](#talxis---client) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=526f3cf8-fd5c-4648-87f6-b0e4b986acdb) | INT0015 | 526f3cf8-fd5c-4648-87f6-b0e4b986acdb @@ -57,13 +58,17 @@ Custom control that allows users to work with SharePoint or Dataverse documents ## TALXIS - PCF.FilePicker - Group Creation -Optional app registration if you want the File Picker PCF to allow for group creation via UI. +Optional app registration if you want the File Picker PCF to allow for group creation via UI. Primarily used in the previous version of File Picker. ### Permissions * Read and write all groups * Read and write group memberships * Sign in and read user profile +## TALXIS - PCF.FilePicker - Advanced Permissions + +TBD + ## TALXIS - PCF.CompanyProfileHinting Company autosuggest control used in TALXIS applications. From 1859b91902011e9cea98e00b63f4da9f6e0c77b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Gallovi=C4=8D?= Date: Wed, 16 Oct 2024 13:23:50 +0200 Subject: [PATCH 6/8] Update required-application-consent.md --- .../customizer-guide/required-application-consent.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/en/customizer-guide/required-application-consent.md b/src/en/customizer-guide/required-application-consent.md index 7e21b831f..316f6eb89 100644 --- a/src/en/customizer-guide/required-application-consent.md +++ b/src/en/customizer-guide/required-application-consent.md @@ -15,8 +15,17 @@ | [TALXIS - Client](#talxis---client) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=526f3cf8-fd5c-4648-87f6-b0e4b986acdb) | INT0015 | 526f3cf8-fd5c-4648-87f6-b0e4b986acdb | [TALXIS - PCF.PeopleGrid](#talxis---pcfpeoplegrid) | [LINK](https://login.microsoftonline.com/common/adminconsent?client_id=7facec0a-d26e-4f71-a213-38b317b4dfe0) | INT0015, PCT21016 | 7facec0a-d26e-4f71-a213-38b317b4dfe0 -# Details +# Why +Until now we have been using standalone authentication per [PFC](https://netwiseglobal.com/blog/2024/03/15/what_are_pcf_components_and_how_do_they_help_users_and_developers/) control. + +The issue is, that when [3rd party cookies are blocked in the browser](https://cookie-script.com/all-you-need-to-know-about-third-party-cookies.html) (Safari by default, you can enable this behavior in other browsers as well). This effectively breaks any silent [SSO](https://gatekeeperhelp.zendesk.com/hc/en-us/articles/1500003649281-What-is-Silent-Authentication) method in OpenID Connect (via MSAL.js for example) which uses iframe behind the scenes to obtain the token, and you will end up with [AADSTS50058](https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/4782) error. +This issue is not just Microsoft auth stack related, but is also faced by other including [Salesforce](https://help.salesforce.com/s/articleView?id=sf.external_identity_login_considerations.htm&type=5) and Microsoft Dynamics. More perspective on this issue from AAD [here](https://learn.microsoft.com/en-us/azure/active-directory/develop/reference-third-party-cookies-spas). +# Broker model +We are now using a "broker model" for authentication, to streamline the token management. Simply a hidden global ribbon button with a script which handles the token management providing a single authorization experience for all PCFs and scripts, while also preventing multiple popups. It then utilizes our Token Service with [On-Behalf-Of (OBO)](https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-on-behalf-of-flow) flow to exchange tokens. + +# Details +Preview of permissions could be found [here](https://learn.microsoft.com/en-us/graph/permissions-reference). ## TALXIS Deployments Used for deployments of applications to Power Platform environment. Application can only write to environments where permissions have been [explicitly granted to the service principal](https://learn.microsoft.com/en-us/power-platform/admin/manage-application-users). The principal is non-interactive. From 48a9f2215c44a8cfbaad6a3ed29ec876422becf3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Gallovi=C4=8D?= Date: Wed, 16 Oct 2024 16:41:45 +0200 Subject: [PATCH 7/8] Update required-application-consent.md --- .../required-application-consent.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/en/customizer-guide/required-application-consent.md b/src/en/customizer-guide/required-application-consent.md index 316f6eb89..a078371ae 100644 --- a/src/en/customizer-guide/required-application-consent.md +++ b/src/en/customizer-guide/required-application-consent.md @@ -32,7 +32,7 @@ Used for deployments of applications to Power Platform environment. Application ### Permissions * Access Common Data Service (Dataverse) as organization user -* Sign in and read user profile +* Sign in and read signed in user profile ## TALXIS Data Feed @@ -44,7 +44,7 @@ Enables use of TALXIS Data Feed API from Power Automate. ### Permissions * Access Data Feed as Current User -* Sign in and read user profile +* Sign in and read signed in user profile ## TALXIS - PCF.MapPicker @@ -52,7 +52,7 @@ Map control used in TALXIS applications. ### Permissions * Access Data Feed as Current User -* Sign in and read user profile +* Sign in and read signed in user profile ## TALXIS - PCF.FilePicker @@ -63,7 +63,7 @@ Custom control that allows users to work with SharePoint or Dataverse documents * Have full access to all files user can access * Have full access to user files * Read all groups -* Sign in and read user profile +* Sign in and read signed in user profile ## TALXIS - PCF.FilePicker - Group Creation @@ -72,7 +72,7 @@ Optional app registration if you want the File Picker PCF to allow for group cre ### Permissions * Read and write all groups * Read and write group memberships -* Sign in and read user profile +* Sign in and read signed in user profile ## TALXIS - PCF.FilePicker - Advanced Permissions @@ -84,7 +84,7 @@ Company autosuggest control used in TALXIS applications. ### Permissions * Access Data Feed as Current User -* Sign in and read user profile +* Sign in and read signed in user profile ## TALXIS - PCF.AddressPicker @@ -92,7 +92,7 @@ Address autosuggest control used in TALXIS applications. ### Permissions * Access Data Feed as Current User -* Sign in and read user profile +* Sign in and read signed in user profile ## TALXIS - Client @@ -105,4 +105,4 @@ Used in an [authentication broker (internal)](https://dev.azure.com/thenetworg/I ### Permissions * Access Data Feed as Current User -* Sign in and read user profile +* Sign in and read signed in user profile From 5390f108fc957f066c28e79cd7166da81f6e4a9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Gallovi=C4=8D?= Date: Wed, 16 Oct 2024 16:47:20 +0200 Subject: [PATCH 8/8] Added delegate --- .../required-application-consent.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/en/customizer-guide/required-application-consent.md b/src/en/customizer-guide/required-application-consent.md index a078371ae..96e5051c7 100644 --- a/src/en/customizer-guide/required-application-consent.md +++ b/src/en/customizer-guide/required-application-consent.md @@ -30,7 +30,7 @@ Preview of permissions could be found [here](https://learn.microsoft.com/en-us/g Used for deployments of applications to Power Platform environment. Application can only write to environments where permissions have been [explicitly granted to the service principal](https://learn.microsoft.com/en-us/power-platform/admin/manage-application-users). The principal is non-interactive. -### Permissions +### Permissions (delegated) * Access Common Data Service (Dataverse) as organization user * Sign in and read signed in user profile @@ -42,7 +42,7 @@ Used as a resource to verify TALXIS Data Feed access. Doesn't need to be explici Enables use of TALXIS Data Feed API from Power Automate. -### Permissions +### Permissions (delegated) * Access Data Feed as Current User * Sign in and read signed in user profile @@ -50,7 +50,7 @@ Enables use of TALXIS Data Feed API from Power Automate. Map control used in TALXIS applications. -### Permissions +### Permissions (delegated) * Access Data Feed as Current User * Sign in and read signed in user profile @@ -58,7 +58,7 @@ Map control used in TALXIS applications. Custom control that allows users to work with SharePoint or Dataverse documents easily and directly from TALXIS applications. Optionally complemented with [TALXIS - PCF.FilePicker - Group Creation](#talxis---pcffilepicker---group-creation) application. -### Permissions +### Permissions (delegated) * Read items in all site collections * Have full access to all files user can access * Have full access to user files @@ -69,7 +69,7 @@ Custom control that allows users to work with SharePoint or Dataverse documents Optional app registration if you want the File Picker PCF to allow for group creation via UI. Primarily used in the previous version of File Picker. -### Permissions +### Permissions (delegated) * Read and write all groups * Read and write group memberships * Sign in and read signed in user profile @@ -82,7 +82,7 @@ TBD Company autosuggest control used in TALXIS applications. -### Permissions +### Permissions (delegated) * Access Data Feed as Current User * Sign in and read signed in user profile @@ -90,7 +90,7 @@ Company autosuggest control used in TALXIS applications. Address autosuggest control used in TALXIS applications. -### Permissions +### Permissions (delegated) * Access Data Feed as Current User * Sign in and read signed in user profile @@ -103,6 +103,6 @@ Used in an [authentication broker (internal)](https://dev.azure.com/thenetworg/I * INT0015 - PoepleGrid connects accounts with contacts and allows tracking of additional metadata such as contact's function withing specified account from Data Feed. * PCT21016 - PoepleGrid connects accounts with contacts and allows tracking of extensive amount of metadata from Data Feed. -### Permissions +### Permissions (delegated) * Access Data Feed as Current User * Sign in and read signed in user profile