8

Understanding Azure AD Single Sign-on for Microsoft Teams apps

 2 years ago
source link: https://devblogs.microsoft.com/microsoft365dev/understanding-azure-ad-single-sign-on-for-microsoft-teams-apps/?WT_mc_id=DOP-MVP-4025064
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Understanding Azure AD Single Sign-on for Microsoft Teams apps

December 7th, 2021

If you want to understand the sometimes-complex topic of Single Sign-on (SSO), keep reading this blog and check out our corresponding video. Both are a starting point for developers who want to build Microsoft Teams apps and need to understand SSO with Azure Active Directory, the authentication system used by Microsoft Teams.

What is SSO and why do you need it?

There is no single definition for SSO, which is part of the confusion. This is true even within Microsoft. Here, we explain and demonstrate the SSO approaches used in the Microsoft Commercial Marketplace (app store) and within an app running in Microsoft Teams to help you get started building SSO for your Teams application.

There are good reasons to include Azure AD SSO in your Microsoft Teams app:

  • It’s easier for users, who otherwise would need to juggle a different account to use your app in Teams than they use to log into Teams itself.
  • It’s easier for team owners and administrators, who need to ensure all users have the extra login, and who have to manually set permissions when Team members change, for example.
  • It’s required to monetize your application in the Microsoft Teams store.
  • It’s required for the Microsoft App Compliance Program, which helps Microsoft customers select trustworthy applications.

This video walks you through the concepts you need to understand SSO for building and troubleshooting applications. Topics covered include:

  • What is SSO and why is it important?
  • Microsoft 365 tenants and Azure AD
  • Azure AD app registration, resources and scopes
  • Four common confusions: Azure AD and similarly named products, Microsoft 365 and Azure tenants vs. subscriptions, different terms that mean the same thing, and the different kinds of permissions
  • OAuth 2.0 protocols with Azure AD
  • Single page applications with Azure AD, similar to how a monetized Teams store app’s landing page handles authentication
  • Teams tab with pop-up authentication
  • Teams tab with Teams SSO (the preferred method)
  • Teams tab with SharePoint Framework
  • Teams bot with Azure AD auth
  • Troubleshooting tips

Check out the video and leave comments if you have additional questions or requests for other video topics!

References

Happy coding!


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK