Single sign-on in Office Add-ins for Azure AD application

0
votes

I'm making a multi-tenant application that's registered on Azure AD.

Question is can I setup my app to enable Single Sign on for Office Add-ins using the new sso provided (https://dev.office.com/docs/add-ins/develop/sso-in-office-add-ins)? -- feature is still in preveiw

Currently we're using a pop-up dialog to prompt for login to our application which requires user action. Proposed SSO would make that process automatic and enhance user experience.

Guide states that we must register our application on this portal: https://apps.dev.microsoft.com. However we already have our app registered on AAD, and topic is unclear on whether it will work for apps already registered through AAD.

1
office365azure-active-directorymicrosoft-graph-apioffice-jsoffice-addins

1 Answers

0
votes

If you have previously registered the app at the AAD V2 endpoint (that's required!), then you can in principle use it with SSO, provided it is registered in the right way. For example, the Web API platform has to be enabled.

Be sure you look through one of the two walkthroughs linked to at the end of the article that you linked to. There are important details that the article you linked to doesn't contain.

You can have multi-tenant support with the SSO preview. But the setup instructions are a bit more complex. In both of the walkthroughs mentioned above, there are sections on "Register the add-in with Azure AD v2.0 endpoint", "Grant admin consent to the add-in", and "Configure the add-in". For multi-tenant support, go through all 3 sections for one O365 tenancy. Then for each additional O365 tenancy where you want to use the add-in, have an administrator of the tenancy repeat the steps of the section "Grant admin consent to the add-in" (but skip step 7 of the ASP.NET walkthrough or step 6 of the Node.js walkthrough). Do not repeat "Register..." or "Configure..." sections.