Forum Discussion

chetanoptimus's avatar
chetanoptimus
Copper Contributor
Sep 01, 2025

Enabling Cross-Tenant Authentication for Teams Apps with Single-Tenant Bot

Hello Team,

 

I am working on implementing authentication for a Teams application using the Microsoft 365 Agents SDK. Following Microsoft’s current guidance, I have:

  • Registered a single-tenant Azure AD bot.
  • Integrated Azure AD authentication.
  • Prepared for AppSource distribution as the long-term supported method for cross-tenant availability.

However, I am still facing challenges in reliably enabling sign-in for external users from other tenants. Specifically:

  • The cross-tenant sign-in flow remains unclear.
  • Validating authentication across multiple tenants is difficult without official end-to-end guidance.
  • Existing samples and documentation primarily address single-tenant or internal-only scenarios.

As of now, authentication for external users is still difficult to get working and validate consistently across tenants.

Could you provide detailed guides, samples, or best practices for:

  1. Enabling authentication for external users in this single tenant + AppSource distribution model.
  2. Recommended patterns for testing cross-tenant authentication before AppSource submission.
  3. Any roadmap considerations for simplifying this scenario.

This would help ensure Teams apps can meet compliance requirements while still delivering a smooth sign-in experience for users across organizations.

 

Thank You,

Chetan

Resources