Forum Discussion
SadPython
Jul 07, 2024Copper Contributor
Can I use Teams SSO to authenticate users into my main app?
I have an app I want to embed as a tab in MS Teams. Users may already have an account outside of teams and I use magic login link to typically to log users in. I want to know if I can leverage teams tab SSO to log users into their existing account. So my idea is:
- User has an account with my app already. It is associated with their organization email.
- They access my app in Teams and grant permissions necessary, my app gets an auth token and validates it
- If that is successful, I find the user's account associated with their email and log them in with a magic login link
I'm wondering if this is a valid use case for teams tab sso? Is it enough to trust that the validated token means the user is good and can be logged in? I know typically there is a "sign in with microsoft" idp option but that is a larger lift. Was wondering if there are big security red flags here. I want to make sure that when a token is validated I can link a user from MS Teams to their account in main app via email and log them in.
- Nivedipa-MSFTMicrosoftSadPython - Could you please track this issue here: https://learn.microsoft.com/en-us/answers/questions/1803725/is-teams-tab-sso-enough-to-validate-user
- SadPythonCopper ContributorAh sure- just wanted to get more visibility across these forums. Thanks. Let me know if you have any thoughts around this question. Thanks.