[Outlook](authentication) Updates to promote current NAA auth approach#5589
[Outlook](authentication) Updates to promote current NAA auth approach#5589davidchesnut wants to merge 14 commits intomainfrom
Conversation
|
Learn Build status updates of commit 54e8919: ❌ Validation status: errorsPlease follow instructions here which may help to resolve issue.
For more details, please refer to the build report. Note: Your PR may contain errors or warnings or suggestions unrelated to the files you changed. This happens when external dependencies like GitHub alias, Microsoft alias, cross repo links are updated. Please use these instructions to resolve them. |
|
Learn Build status updates of commit 41e02e8: ✅ Validation status: passed
For more details, please refer to the build report. |
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
docs/outlook/authentication.md
Outdated
| Single sign-on (SSO) improves the user experience by allowing users to sign in once to Office. Users aren’t required to sign in again when interacting with the add-in. Nested App Authentication (NAA) enables SSO for Office Add-ins running in the context of native Office applications. NAA makes handling SSO simpler for your add-in code. NAA enables you to make Microsoft Graph calls from your add-in client code as an SPA without the need for a middle-tier server. There’s no need to use Office.js APIs as NAA is provided by the MSAL.js library. | ||
|
|
||
| Consider using SSO access tokens if your add-in: | ||
| To enable your Outlook add-in to use NAA, see [Enable SSO in an Office Add-in using nested app authentication (preview)](../develop/enable-nested-app-authentication-in-your-add-in.md). For more information about support, see [Nested app auth requirement set](/javascript/api/requirement-sets/common/nested-app-auth-requirement-sets). |
There was a problem hiding this comment.
Should the article title still include "preview"?
docs/outlook/authentication.md
Outdated
| - Needs access to: | ||
| - Microsoft services that are exposed as part of Microsoft Graph | ||
| - A non-Microsoft service that you control | ||
| Also refer to the following NAA samples for Outlook. |
There was a problem hiding this comment.
Consider adding the samples to a subsection for improved visibility.
docs/outlook/authentication.md
Outdated
|
|
||
| > [!NOTE] | ||
| > Most functionality in the Exchange user identity token can also be achieved by using the [Microsoft Graph mail API](/graph/outlook-mail-concept-overview). | ||
|
|
There was a problem hiding this comment.
| [!INCLUDE [legacy-exchange-token-deprecation](../includes/legacy-exchange-token-deprecation.md)] | |
| > [!NOTE] | |
| > Most functionality in the Exchange user identity token can also be achieved by using the [Microsoft Graph mail API](/graph/outlook-mail-concept-overview). |
If you accept the previous suggestion to move the alerts, this removes the alerts from this subsection.
| @@ -39,6 +39,6 @@ After you configure the well-known URI, if your add-in implements SSO, you can t | |||
|
|
|||
There was a problem hiding this comment.
Do we need to amend or remove the note about Office.auth.getAccessToken?
There was a problem hiding this comment.
I agree - I don't think we need to promote OBO here, change it to call out NAA supports this in the note or remove it? Would we also remove the line above that tells them to use OBO getAccessToken?
There was a problem hiding this comment.
I rewrote this to be more clear. It's if you need to support older clients with legacy SSO this is recommended.
mattgeim
left a comment
mattgeim
left a comment
There was a problem hiding this comment.
+1 to Sam's suggestions, otherwise 👍
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
|
Learn Build status updates of commit f619e42: ✅ Validation status: passed
For more details, please refer to the build report. |
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit 965be2e: ✅ Validation status: passed
For more details, please refer to the build report. |
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
|
Learn Build status updates of commit 14bfacb: ✅ Validation status: passed
For more details, please refer to the build report. |
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
Co-authored-by: Sam Ramon <15154970+samantharamon@users.noreply.github.com>
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit 7fa7256: ✅ Validation status: passed
For more details, please refer to the build report. |
…Dev/office-js-docs-pr into davech-outlook-naa-update
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit 075ca2a: ✅ Validation status: passed
For more details, please refer to the build report. |
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit a30585c: ✅ Validation status: passed
For more details, please refer to the build report. |
|
Learn Build status updates of commit 978ede2: ✅ Validation status: passed
For more details, please refer to the build report. |
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
4 participants
NAA is now our recommended auth pattern for implementing SSO. This PR: